Lethic botnet

The Lethic Botnet (initially discovered around 2008) is a botnet consisting of an estimated 210 000 - 310 000 individual machines which are mainly involved in pharmaceutical and replica spam.

The botnet was most prevalent in Europe, India and Southeast Asia.

Dismantling and revival
Around early January 2010 the botnet was dismantled by Neustar employees, who contacted various Lethic internet service providers in a bid to take control of the botnet's command and control servers. This move temporarily caused the botnets' spam to decrease to a trickle of its original volume.

In February 2010 the owners of the botnet managed to re-establish control over the botnet, through the use of new command and control servers located in the United States. The takedown has decreased the spam volume of the botnet, however. As of February 2010 the botnets' amount of spam was down to a third of its original. As of April 2010 the botnet has an estimated 1.5% share of the spam market, sending about 2 billion spam messages a day.