VERY IMPORTANT

We recently wrote about the massive “sextortion” spam campaign carried out by the Phorpiex botnet. However, this is only a small part of this botnet’s malicious activity. Capable of acting like both a computer worm and a file virus, Phorpiex is spread through exploit kits and with the help of other malware and has infected more than 1,000,000 Windows computers to date. By our assessment, the annual criminal revenue generated by Phorpiex botnet is approximately half a million US dollars. Of course, to maintain such a large botnet, a reliable command and control (C&C) infrastructure is required. For malware with a small outreach, or if infected computers are not part of a single botnet, virtual private servers (VPS) are most often used. VPS hosting services can be purchased from legitimate companies. Many VPS hosting providers don’t require identity verification, and the services can be paid for anonymously.