Who knew that botnets make so little money? No wonder they have to have such huge networks.
Study: Storm botnet brought in daily profits of up to $9,500The investigation of spam and the malware payloads that accompany it is a major focus of companies and organizations, from the federal government down to the small-business part-time IT director. Most of this work, however, is devoted to detecting and filtering spam infected or otherwise, as well as to predicting what delivery vectors the industry might favor in the future. Actual data on the spam industry's economic model is much harder to come by—at least it used to be. Earlier this year, a group of researchers led by University of California-San Diego computer scientist Stefan Savage conducted research on the market fundamentals of the spam industry, from within the industry itself.
In order to conduct their research, Savage's team took partial control of part of the Storm Worm's massive botnet. A certain subset of the botnet's traffic was then rerouted, and delivered interested potential buyers to a web site under white hat control. Savage's websites mimicked those set up by the creators of Storm, but were specifically designed to return error messages if a visitor attempted to transmit any sensitive information or conduct a transaction. The team discovered three separate campaigns through the duration of their tests and analyzed some 469 million e-mails. Full details on the investigation, including a discussion of how the researchers infiltrated Storm and a very specific breakdown of what they found, is available here PDF.