Srizbi Searches for Spam Host

Tags:  security  controversy  spam  malware  McColo  Srizbi  FireEye 

  • By David Hamilton, November 28, 2008

  •   Digg
      Delicious
    submit to reddit  Reddit
      Newsvine
      Stumbleupon
      Twitter
    Facebook

    (close)

    From:
    To:
    Share | Send | Print | Comments (0)

Verio Attracts Resellers with Free Month of VPS Hosting: Companies looking to boost revenues are finding Verio's Free VPS promotion the right fit for getting started as Hosting Reseller.

November 28, 2008 -- (WEB HOST INDUSTRY REVIEW) -- Following a two-week lull in spam caused by web hosting provider McColo going offline, one of the most infamous botnets, responsible for roughly two-fifths of the world's spam, has been searching for a new host.

According to a Vnunet.com report, Command and Control botnet Srizbi, with its network of approximately half-a-million infected computers, which may be responsible for up to 40 percent of all spam, has returned from the dead and has updated its bots with new code.

Threat research, analysis, and mitigation firm FireEye (www.fireeye.com) has reported that despite McColo's shutdown, which left spammers unable to control Srizbi-infected computers, Srizbi had a fallback mechanism that allowed spammers to reconnect with stranded bots in such a scenario. Srizbi temporarily came back online using Estonian ISP Starline Web Services (www.starline.ee), however, even this server, which has been accused of hosting malware, has cut off those servers.

A Friday blog by managed security services provider MX Logic (www.mxlogic.com) said that spam levels had risen due to the Srizbi botnet's return and that they will likely increase dramatically if it finds a permanent residence.

According to a PC World article Thursday, as nefarious are being forced offline because of pressure from the computer security community, hosting providers are taking it into their own hands to shut down these operations. For instance Atrivo which was cut off by its upstream providers in September.

"With the recent cases of McColo and Atrivo/Intercage taken off the Internet, it will be easier in the future to put more pressure on other known hosters of badware to take action or go offline," McAfee Avert Labs security strategist Toralv Dirro told PC World.

OLDER:  Parallels Adds SaaS Delivery Module | NEWER:  3FN Ups Hardware Swap Capability

Comment anonymously or log into your WHIR account

Logging in allows enhanced commenting features (such as external linking) in news, features, blogs and more.

User:

Pass:

(reset password)

Don't have an account yet? Register now!


 

Related Content

Most Popular