Spam Levels Resurging, Overcoming McColo’s Closure Episode
According to the IronPort Systems Inc., manufacturer of security tools, the spam level, which was declining after the closure of fake websites-hosting company "McColo", is once again ascending.
IronPort stated that the spam volumes were recorded at 96.8 Billion on December 9, 2008, which is 30 Billion higher as compared to those sent in the days after November 11, 2008, i.e. the day of McColo's takedown. Just after the shut down of McColo, spam volume declined to 64.1 Billion, 42% down from the volume prior to this incident.
An anticipated 190 Billion spam e-mails were sent per day in the month preceding the McColo's takedown by its primary Internet service providers. The company was purportedly acting as a breeding ground for cyber crooks managing some of the biggest spam-generating botnets.
The experts are stating that bounce back in the levels of spam has profoundly been led by the botnets that have remained almost unaffected by the McColo's end.
Moreover, Srizbi has been reported to have come back into activity in December 2008. Global network of Srizbi-infested PCs consists of more than 500,000 computers having a special feature. In case the master servers are taken down, this feature allows the compromised PCs to figure out new servers as soon as they are established. Accordingly, there will be a huge rise in the spam levels in near future.
Mega-D, another botnet that was controlled by McColo-hosted servers, has now regained its original strength. Some other rogue servers such as Kraken and Cutwail are also going great guns.
In the days following McColo's shutdown, security experts observed innumerous stranded zombies, which were trying to establish their connections back to the command centers affected in this event. However, botnet masters are expected to soon find new host servers for conducting their malicious activities.
Meanwhile, MessageLabs, a division of security firm Symantec, stated that there was a decline of 65% in the spam levels immediately after the web-hosting McColo Corp. went offline. Although, according to the new analysis, spam levels are shortly expected to become two-third of the level that was seen before the shutdown of McColo Corp.
Related article: Spam Scam Bags a Scottish Connection
» SPAMfighter News - 26-12-2008