You know what to do …
From the link:
1. Rustock (generating 43% of all spam)
The current king of spam, its malware employs a kernel-mode rootkit, inserts random text into spam and is capable of TLS encryption. Concentrates solely on pharmaceutical spam.
2. Mega-D (10.2%)
A long-running botnet that has had its ups and downs, owing to the attention it attracts from researchers. Concentrates mostly on pharmaceutical spam.
3. Festi (8%)
A newer spambot that employs a kernel mode rootkit and is often installed alongside Pushdo on the same host.
4. Pushdo (6.3%)
A multi-faceted botnet or botnets, with many different types of campaigns. A major distributor of malware downloaders and blended threat e-mails, but also sends pharma, replica, diploma and other types of spam.
5. Grum (6.3%)
Also employs a kernel-level rootkit. A wide range of spamming templates changes often, served up by multiple Web servers. Mostly pharma spam.
6. Lethic (4.5%)
The malware acts as a proxy by relaying SMTP from a remote server to its destination. Mostly pharma and replica spam.
7. Bobax (4.3%)
Another long-running botnet that employs sophisticated methods to locate its command servers. Mostly pharma spam.
8. Bagle (3.5%)
The name derives from an earlier mass-mailing worm. Nowadays, Bagle variants act as proxies for data, and especially spam.
9. Maazben (2.0%)
By default, uses a proxy-based spam engine. However, it may also use a template-based spam engine if the bot runs behind a network router. Focuses on Casino spam.
10. Donbot (1.3%)
Donbot is named after the string “don” found in the malware body. Mainly pharma spam.
David Kirkpatrick 