• Total Posts: 43063
  • Total Topics: 16241
  • Online Today: 5251
  • Online Ever: 51419
  • (01. January 2010., 10:27:49)

Author Topic: Storm botnet now mostly use shortened URL's for Spaming  (Read 2254 times)

0 Members and 1 Guest are viewing this topic.


  • SCF Administrator
  • *****
  • Posts: 7528
  • KARMA: 322
  • Gender: Male
  • Whatever doesn't kill us makes us stronger.
    • - Samker's Computer Forum

The tendency of spammers to use shortened URLs to evade detection has gone from last year's clever exploit to this year's mainstream tactic, MessageLabs has reported.

In the second quarter of 2009, emails using shortened URLs exceeded 1 in 200 emails only once, the company's July 2010 Intelligence report notes:

During the same period this year, its figures showed that this threshold had been breached on 43 days. On 10 of these days, the volume of shortened hyperlinks accounted for five percent of all the spam measured by the company.

The main recent culprit has been the Storm botnet, which spewed 11.8 percent of all the spam using the shortened URLs in the second quarter.

"As far as spammers are concerned, any tactics that make it harder to block their spam emails are going to be exploited," said MessageLabs' analyst, Paul Wood. The growth of URL shortened spam was demonstration that the tactic was being favoured simply because, on average, it was more effective at beating reputation filtering.

As evidence of this, MessageLabs believes that one website is visited for every 74,000 spam emails containing a shortened URL. More popular services could raise this to one in 63,000 messages.

One analysis not mentioned by MessageLabs is which services are the most exploited. The list will include the best-known services but the number of URL shorteneing services has expanded greatly since 2009 on the back of the social media boom which so favours the format, so the spammers have had plenty of choice.


Samker's Computer Forum -


With Quick-Reply you can write a post when viewing a topic without loading a new page. You can still use bulletin board code and smileys as you would in a normal post.

Name: Email:
Type the letters shown in the picture
Listen to the letters / Request another image
Type the letters shown in the picture:
Second Anti-Bot trap, type or simply copy-paste below (only the red letters)

Enter your email address to receive daily email with ' - Samker's Computer Forum' newest content:

Terms of Use | Privacy Policy | Advertising