Rodel Mendrez, threat analyst with M86 Security, said in a blog posted January 7 that when the botnet was shutdown, the researchers were not sure about the actual size of the Lethic botnet, as per the news published by securecomputing.net.au January, 2010. But botnet is at present responsible for nearly 8-10% of spam in the firm’s trap, it is figured out by M86 as a sizeable botnet.
He added that majority of command and control (C&C) servers of this botnet are hosted by a Chicago-based ISP. M86 Security also estimated that after Rustock (32.8%), Mega-D (21.6%) and Bobax (12.1%), Lethic was the fourth most common botnet. The Bagle 2 botnet was responsible for only around 1.9% of spam distributed.
Paul Wood, MessageLabs Intelligence senior analyst at Symantec, also gave his views on Lethic’s development and activity. He said that this botnet has been under observance by Symantec Hosted Services since December 31, 2009. The botnet was responsible for 2.5% of total spam volume during the month, reported SC Magazine on January 11, 2010.
Apart from the shutdown of Lethic botnet, FireEye’s security experts helped in taking down the MegaD botnet in November 2009. In May 2009from the University of Californiaat Santa Barbara (USA) revealed how they had adopted an offensive approach by infiltrating Torpig botnet. This was very bold and notorious step taken by the researchers, which gave rise to debate as to what extents the researchers must go to shut down a botnet.
Such an act of shutting down Lethic botnet clearly shows the increasing extent of botnet chasers going offensive to stop cyber crooks, primarily by damaging their precious bot infrastructures.