Web security analysts have found that around 85% of all the spam is spread by merely 6 botnets. A bot is essentially a computer, which is remotely controlled to perform certain tasks (in this case – spam) without the user's knowledge or consent, a botnet is a “net” of such bots.
At number one we have the Srizbi, which is responsible for almost 40% of all the spam, which analysts say uses “advanced and extremely stealthy malware”. Srizbi has been extremely active recently and lures users with a celebrity spam campaign.
The Rustock botnet comes second and Mega-D, after 10 days of inactivity – third. Mega-D has apparently reestablished their control servers elsewhere after the recent publicity. This botnet mostly concentrates on “Enlarge your penis” spam, promoting products with amazingly cheesy names, such as “Megadik”.
Among other significant botnets are Hacktool Spammer and Pushdo. Analysts say that many of the botnets may be linked together: Srizbi and Pushdo spam, for example, has been reported to link the same website.
The infamous Storm botnet, which is speculated to have anywhere from 50,000 to 1 million bots, makes up for only 3% spam, once again proving that size doesn't say much.