Symantec: Rustock Botnet Using TLS Encryption to Push Spam

Kara Reeder

Symantec's MessageLabs is reporting a surge in spam being sent by the notorious Rustock botnet using Transport Layer Security (TLS) encryption. According to, two weeks ago, spam encrypted by Rustock using TLS was around 35 percent. However, that number has jumped to 77 percent.


MessageLabs is not the only one to notice Rustock's use of TLS. Phil Hay, a spam expert at M86 Security, also has confirmed that some Rustock botnets are using TLS:

Our statistics show that Rustock is still the leading source of spam output and this new use of TLS highlights an escalating level of sophistication.

Hay says:

In essence this means that organizations can't rely on enforcing TLS as a means for reducing spam.

More from Our Network
Add Comment      Leave a comment on this blog post

Post a comment





(Maximum characters: 1200). You have 1200 characters left.



Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.

Resource centers

Business Intelligence

Business performance information for strategic and operational decision-making


SOA uses interoperable services grouped around business processes to ease data integration

Data Warehousing

Data warehousing helps companies make sense of their operational data