Following a two-week lull in spam caused by web hosting provider McColo going offline, one of the most infamous botnets, responsible for roughly two-fifths of the world's spam, has been searching for a new host.
According to a Vnunet.com report, Command and Control botnet Srizbi, with its network of approximately half-a-million infected computers, which may be responsible for up to 40 percent of all spam, has returned from the dead and has updated its bots with new code.
Threat research, analysis, and mitigation firm FireEye (www.fireeye.com) has reported that despite McColo's shutdown, which left spammers unable to control Srizbi-infected computers, Srizbi had a fallback mechanism that allowed spammers to reconnect with stranded bots in such a scenario. Srizbi temporarily came back online using Estonian ISP Starline Web Services (www.starline.ee), however, even this server, which has been accused of hosting malware, has cut off those servers.
A Friday blog by managed security services provider MX Logic (www.mxlogic.com) said that spam levels had risen due to the Srizbi botnet's return and that they will likely increase dramatically if it finds a permanent residence.
According to a PC World article Thursday, as nefarious are being forced offline because of pressure from the computer security community, hosting providers are taking it into their own hands to shut down these operations. For instance Atrivo which was cut off by its upstream providers in September.
"With the recent cases of McColo and Atrivo/Intercage taken off the Internet, it will be easier in the future to put more pressure on other known hosters of badware to take action or go offline," McAfee Avert Labs security strategist Toralv Dirro told PC World.
No responsibility can be taken for the content of external Internet sites.
Return to hosting news headlines
View Hosting News Archive