« Ouch! (Know Your Spamming Affiliate) | Main | Getting The Details Correct in a Reffinapnce »

August 17, 2005

The mainstream news media is alive with stories about the Zotob family of worms spreading widely around the Internet. That the worm found its way into personal computers of some very large media outlets—CNN and The New York Times, for instance—helped the story get out even faster.

If you've come to my site to check the impact of this family on the "Virm" (virus/malware) category of my Spam Stats chart, you'll see (if you happen to check during the week that this article first appears) that the Virm count is in the normal weekday range. No, this isn't a calculation mistake. The difference with Zotob is that it spreads through means other than email. Because my Virm counter reports only what comes through in email, it won't know anything about direct attacks on open ports at IP addresses or internal network propagation.

But the stats do show about a 20% increase in spam above the usual "noise level" for the Tuesday of this week. It's hard to say for sure whether this is the result of infected machines spewing out more than the usual amount of relayed spam. There is a similar increase in the category of Dictionary Attacks, which includes spam sent to corrupted user account names at one of my domains—corruptions that have been in the spammers' databases for years.

Tuesday's increase can be attributed either to the spurt in infected PCs. Or it's simply back-to-school spam. After all, every third-grader should have his or her own fake Rolex.