Slashdot Mirror


McColo Briefly Returns, Hands Off Botnet Control

A week ago we discussed the takedown of McColo (and the morality of that action). McColo was reportedly the source of anywhere from 50% to 75% of the world's spam. On Saturday the malware network briefly returned to life in order to hand over command and control channels to a Russian network. "The rogue network provider regained connectivity for about 12 hours on Saturday by making use of a backup arrangement it had with Swedish internet service provider TeliaSonera. During that time, McColo was observed pushing as much as 15MB of data per second to servers located in Russia, according to ... Trend Micro. The brief resurrection allowed miscreants who rely on McColo to update a portion of the massive botnets they use to push spam and malware. Researchers from FireEye saw PCs infected by the Rustock botnet being updated so they'd report to a new server located at abilena.podolsk-mo.ru for instructions. That means the sharp drop in spam levels reported immediately after McColo's demise isn't likely to last."

2 of 242 comments

  1. Spam bots, Pirates, Global Warming by tacocat · Score: 0, Offtopic

    OK, we have more pirates thanks to Somalia. But I don't think it's helping global warming as much as we had anticipated.

    And now this...

    It's pretty clear that the policies and practices that are being implemented around the world are totally insufficient to deal with the return or rise of the anarchists that have been around since Robin Hood, Blackbeard, and Ali Baba.

    I hate to mention this but I'm thinking that some of these won't be solved by saying, "Please stop". We are reaching a tipping point between the notion of preemptive military strikes and politically based solutions.

    Russia is not proving itself a very effective government and actually a festering zone for illegal activities. Can't we just launch a DDOS against .ru and be done with it? I'm pretty sure the rest of the world outnumbers those jerks.

    Of course the governments can claim no involvement of this activity but extend a willingness to discuss how to resolve a DDOS on .ru in a peaceful manner.

    Similarly, this political/legal gamesmanship around Somalia is a joke. I see no reason why a nation cannot exercise any means necessary to protect their own shipping, or others with their permission.

    It's a joke. And the mob, gangstas, and terrorists will take all of this to their fullest advantage.

    So how hard would it really be to DDOS a nation if brought on in a multi-national deployment?

  2. Re:Epic Fail. by billcopc · Score: 0, Offtopic

    QUICK NOTE TO SLASHDOTTER #864651:

    Do not anger the /b/tards, for they are unsubtle and quick to anger! If you can't look at the thread and immediately recognize Slashdot groupthink, you should probably NOT be on the internets.

    KTHXBAI!

    --
    -Billco, Fnarg.com