• Early February coverage: The rapid rise of Mega-D botnet and its social-engineering attack methods were covered. There was a question about the malware behind Mega-D (identified as Ozok later), and no definite shutdown time.
• Current situation: Mega-D's profile is shrinking due to a 10-day control server failure, and Srizbi botnet is moving in. Srizbi is a spambot trojan with unsophisticated attack vector involving celebrity porn spam.
• Comparison with Mega-D: Srizbi's attack methodology is relatively primitive compared to Mega-D. Mega-D tried to mimic social website emails and showed Flash animations.
• Post-Storm botnet world: Marshal estimates that six botnets account for 85% of total spam. Srizbi is in the lead with 39%, followed by Rustock, Mega-D, etc. These numbers are based on spam production, not infected systems.
• Interesting development: Multiple botnets are being used to advertise a single product/group of products, indicating the commercialization of the botnet industry. This may lead to a twisted competitive advertising environment.
• Further reading: Links to relevant Ars Technica and Marsha articles.