Spam on rise after brief reprieve In the world of spam, what goes down must come up.
Two weeks after the shutdown of web hosting firm McColo, which saw a two-thirds drop in spam worldwide, spam numbers are creeping up again. Industry experts disagree on the degree to which spam has returned, but most say that prior levels will soon be reached. Some 450,000 infected computers have been spotted trying to connect to the largest of the networks McColo hosted. Messaging security firm IronPort Systems reckons that for now, spam remains at a level below half that prior to the McColo shutdown, whereas MessageLabs sees the level at about two-thirds. In any case, spam is on the rise again. McColo served as host to a number of "command and control" centres for botnets, networks of infected computers called bots that send spam and engage in other malicious activities. With the shutdown of McColo, these botnets have been left without a centralised command, and the botnets' owners will be on the hunt for new hosts and bandwidth. Phoning home But the bots will remain infected with the malware that recruited them, and may soon be recruited anew. Internet security firm FireEye has spotted some 450,000 infected computers from the Srizbi botnet - alleged to account for as much as half of all the spam on Earth - trying to "phone home" and reach their command and control servers. According to an ongoing investigation by the Washington Post, who initiated the McColo shutdown, the Srizbi bots have been programmed with a mathematical formula that in the event of a shutdown generate a random but unique web address to check for updates. That suggests that as soon as Srizbi's owners find a new web hosting firm, they need only set up a site at that unique address and the botnet will be fully functional again. And MessageLabs reports that another large botnet called Cutwail, unaffected by the McColo shutdown, has increased its efforts in response to the "spam vacuum" of recent weeks. In combination with the typical spam cycle that sees rises around the Christmas season, it would seem that the scourge of spam will return to its former strengths soon. Story from BBC NEWS: http://news.bbc.co.uk/go/pr/fr/-/2/hi/technology/7749835.stm Published: 2008/11/26 12:27:51 GMT © BBC MMVIII
