McColo Hands Off Botnets to the Russians


November 19th, 2008

Brief respite from spam could be over as McColo hands off Command and Control of Botnets to a Russian network.

According to researchers from FireEye and HostExploit, the recently disconnected McColo had its internet connectivity restored briefly (12 hours), and the botnet herders used that window of opportunity to hand over the Command and Control (C&C) function of the botnets to other servers, one of which is hosted out of Russia. For example, the Rustock botnet is now reporting to abilena.podolsk-mo.ru.

So batten down the hatches: we expect to see spam volume climb as soon as the botnet herders figure out how to incorporate a distributed C&C system, so that they will never be disconnected from their many bots in the future.

More information and a link to a video showing the reconnection of McColo are available here:

http://www.theregister.co.uk/2008/11/18/short_mccolo_resurrection/


Entry Filed under: Botnets, Bulletins
