In the wake of Storm, Mega-D shines

They say sex sells and I guess the same holds true for spam. It seems that now a botnet called Mega-D (for Mega-Dik) has outpaced the infamous Storm for spam output. Even with Valentine's Day looming (Storm is noteworthy for sending malicious cards for that holiday in particular) Mega-Dik is still expected to outpace Storm's spam exploits.

There's speculation as to why Storm-based spam has declined, but it's likely because it has become so well known as a result of media reports about it. In the meantime, Mega-D's spam amounts are quietly increasing without the media scrutiny. Darren Pauli reports in the Computerworld article here "Storm worm dethroned by sex botnet" that just since September of last year Microsoft has eradicated Storm malware from 200,000 computers. While high profile botnets are increasingly being target by malicious software removal tools, newer botnets are laying low in their effort to remain successful. They're operating in countries where there's widespread broadband penetration and lax antivirus application and policies.

It's interesting to note that Facebook is a prime target of Mega-D; when users try to download a Flash Player update they actually get the Trojan horse instead. If we want to keep clear of these botnets, we have to make sure we not only have antivirus installed, but that we keep it up to date.