A flood of spam should be expected in the run-up to Christmas, according to
Network Box.
The security company warned that spammers have managed to regroup after the
closure of an Estonian domain name registrar, EstDomains, and US-based webhosting
company McColo, which were linked to most of the world’s spam and phishing
sites.
Simon Heron, Network Box analyst, warned that “the spammers have learned a
lesson and are likely to spread their activities between a number of ISPs
[internet service providers] and webhosting companies or make their software
more resilient”.
He said Network Box had seen a number of ‘runt’ or test emails over the
weekend, which indicate the beginning of a concerted spam campaign.
With spam levels nearly back to pre-McColo levels – because most of the
infrastructure that was on McColo has been re-established – the company expects
to see the usual Christmas rush of spam. Some will play on people’s fears of
recession and others will offer fake high-end goods.
McColo is believed to have been the backbone for a number of major botnets,
including Rustock, Srizbi, Dedler, Storm, Mega-D and Pushdo. Each of these
botnets controlled around 600,000 hijacked computers, which pumped out a massive
amount of spam.
Mr Heron said: “It does seem that the Command and Control [C&C] software
that was in McColo has moved and been installed elsewhere. At the time of
writing we cannot identify which internet service providers the C&C has been
relocated to, but I imagine this time it will either be distributed across ISPs
or have resilience built in.”
He said by resilience he meant that the software will become more
sophisticated and if it doesn’t receive commands from the master command centre,
the botnets will be trained to search for secondary controllers.
“These people are like any software developers, they are getting more
sophisticated. So even if an ISP is identified and closed down, the impact will
not be as dramatic as the closure of McColo. Current locations for ISPs are
likely to be China, Russia and Brazil,” he added.