The successful takedown of the Rustock botnet cut the volume of spam across the world by one-third, according to Symantec's March 2011 MessageLabs Intelligence Report.
By the end of last year, the notorious botnet was responsible for sending out 44 billion spam messages per day, or more than 47 percent of the world's total output, making it the leading purveyor of spam. Though Rustock lost some steam this year, it still managed to send out more than 13 billion daily spam e-mails earlier this month prior to its takedown, said Symantec.
But legal actions by Microsoft and raids by federal law enforcement managed to cut off the network just a couple of weeks ago. As a result, the number of overall global spam messages dropped to around 33 billion per day, compared with 52 billion the prior week.
Such botnets typically have a nasty habit of bouncing back, but Symantec isn't sure this one will be able to revive.
"It remains to be seen whether the criminals behind Rustock will be able to recover from this coordinated effort against what has become one of the most technically sophisticated botnets in recent years," MessageLabs Intelligence senior analyst Paul Wood said in a statement. "Rustock has been a significant part of the botnet and malware landscape since January 2006, much longer than many of its contemporaries."
Of course, when one spam purveyor goes down, others usually pop up to fill the gap. With Rustock off the radar, Bagle has now become the most active spambot in 2011 so far, according to Symantec. Bagle, which has been around for a number of years, has been sending out more than 8 billion junk e-mails per day since the end of last year, most of them linked to pharmaceutical products, said the report.
Beyond Bagle, other popular botnets such as Festi and Cutwail have accounted for a significant amount of overall spam. For March, slightly more than 83 percent of all global spam was triggered by botnets, a gain of 6 percentage points since the end of 2010.
"Botnets have been and remain a destructive resource for cybercriminals and through the years have become the spammers' air supply, without which it would be very difficult for them to operate," Wood said. "Botnets are also used for other purposes such as launching distributed denial-of-service attacks, hosting illegal Web site content on infected computers (known as bots), harvesting personal data from them, and installing spyware to track the activities of their users."