Symantec's MessageLabs is reporting a surge in spam being sent by the notorious Rustock botnet using Transport Layer Security (TLS) encryption. According to PCWorld.com, two weeks ago, spam encrypted by Rustock using TLS was around 35 percent. However, that number has jumped to 77 percent.
MessageLabs is not the only one to notice Rustock's use of TLS. Phil Hay, a spam expert at M86 Security, also has confirmed that some Rustock botnets are using TLS:
Our statistics show that Rustock is still the leading source of spam output and this new use of TLS highlights an escalating level of sophistication.
In essence this means that organizations can't rely on enforcing TLS as a means for reducing spam.