Lethic botnet

From Wikipedia, the free encyclopedia

The Lethic botnet (initially discovered around 2008) is a botnet consisting of an estimated 210 000 - 310 000 individual machines,[1] which are mainly involved in sending pharmaceutical and replica spam.

Dismantling and revival

Around early January 2010, the botnet was dismantled by Neustar employees, who contacted various Lethic internet service providers in a bid to take control of the botnet's command and control servers.[2][3][4][5] This move temporarily caused the botnet's spam to decrease to a trickle of its original volume.[6]

In February 2010, the owners of the botnet managed to re-establish control over it through the use of new command and control servers located in the United States. The takedown did, however, decrease the botnet's spam volume: as of February 2010, the botnet's amount of spam was down to a third of its original volume. As of April 2010, the botnet had an estimated 1.5% share of the spam market, sending about 2 billion spam messages a day.


  1. "Symantec.cloud | Email Security, Web Security, Endpoint Protection, Archiving, Continuity, Instant Messaging Security" (PDF). Messagelabs.com. 2010-04-04. Retrieved 2014-01-09.
  2. Leyden, John (2010-02-17). "Undead botnets blamed for big rise in email malware; Grave concern over reanimated cyber-corpses". theregister.co.uk. London, UK: The Register. Retrieved 2014-01-09.
  3. Leyden, John (2010-01-13). "Lethic botnet knocked out by security researchers; Zombie network taken down". theregister.co.uk. London, UK: The Register. Retrieved 2014-01-09.
  4. "More Researchers Going On The Offensive To Kill Botnets". DarkReading. Retrieved 2010-08-28.
  5. "Spammers survive botnet shutdowns". BBC News. 2010-03-18. Retrieved 2010-08-28.
  6. "Lethic botnet - The Takedown". M86 Security. Retrieved 2010-08-28.
