Spam levels – hit by recent botnet takedown efforts – have begun to return to their previous noxiously high levels. The average global spam rate was 89.1 per cent, an increase of 1.4 percentage points on 2009, according to a study by Symantec. Global spam rates peaked at 92.2 per cent in August, largely powered by an aggressive …
So if you're on Rustock
and doing your "fair share" of spamming, that's _44,000_ messages a day, or one every two seconds (assuming a normal botnet-ed PC is on 24/7, which it probably isn't).
And if you're on one botnet your behaviour suggests you'll be on more than one. And since your PC's unlikely to be on 24/7 that means you'll be sending a lot more than 1 every 2 seconds. Per botnet.
How are people not noticing their PCs doing this sort of thing?!
Because that's not much traffic?
If you were connected at a pretty miserly 384Kb/sec upstream on your broadband connection, an bot that saturated the link would only be trickling data out of your 100Mb/s Ethernet link. You would never notice it.
How come they don't notice?
Easy: they don't understand and/or don't care.
Really, my father had an XP laptop that he continued to use for a while and complained about it being slow to start, when I asked about it, I found out it was taking 10 minutes to boot!
Now most reader's of El Reg would not put up with that and immediately see serious trouble (in his case, due to a 'helpful' friend installing crappy AV + antispyware on a machine with 256MB of RAM), but he just thought that was how a PC went.
Same with a friend's son, his laptop is stuffed with some rootkit, most likely from Limewire use, but he has not (as yet) been bothered to accept my offer to sort it out because he can't be bothered. That was over 6 months ago!
A/C in case my father wises up and starts reading El Reg!
When doing customer support on Broadband one of the things I used to check when people reported slow connections was the traffic. We were always told that we should only check things like line quality and similar stuff but I often saw a lot more going out than coming in.
Bearing in mind you'd usually expect domestic customers to be downloading all sorts of stuff rather than sending out, combined with the likelyhood of a lack of adequate protection and the habit of clicking on anything I reckoned it was a fair chance they were busy spamming away merrily without knowing.
But, being on the wholesale side, all I could do was send a note to the ISP with a vague suggestion that one of thier customers might, possibly, by chance, etc. etc. have an unwanted guest.
It was pretty common to see but apparently not a real issue that belonged to any party but the customer - and it's their machine. And most people haven't a clue, relying on the security that came with the machine but was never paid for to keep updating.
This morning I spent a while cleaning up someone elses laptop - it had more infections than after a week in Ibeza. They'd got a 'spyware remover' they couldn't remove, it was just the beginning . . .
I've also pondered the same thing. Then I think about anti-virus companies complaining that MS is offering their free security solution through Win Update to people that don't have virus software installed. I despise large companies, their lawyers, and inability to work for the greater good. basterds. All of them.