Massive Botnet Returns From the Dead To Spam On

CWmike writes "Gregg Keizer reports that the big spam-spewing Srizbi botnet, shut down two weeks ago when McColo was shuttered, has been resurrected and is again under the control of criminals, security researchers said today. As of late Tuesday, infected PCs were able to successfully reconnect with new command-and-control servers, which are now based in Estonia, said Fengmin Gong, chief security content officer at FireEye. The comeback confirms what researchers noted last week, that Srizbi had a fallback strategy. So, in the end, that strategy paid off for the criminals who control the botnet."

Target in sights

[Shotgun]

So, the researchers know where the CnC is originating from. Chase the rats down their holes with flamethrowers. Expose the subnets and let us DDoS them till the service providers cry uncle.

Yes, it will probably take Estonia offline for a while, but eventually providers will get the clue that taking in criminals and scufflaws as clients is not profitable.

Re:how come you say for sure they're in Estonia?

[Whiteox]

Wasn't Estonia DDOS'd a few months ago by the Russian Government?
That was very freaky. I heard that they got a lot of outside help to try and get their backbone up and running again.