Spammers Trying To Regain Control Over Cut Off Spam Bots
from the the-battle-is-on dept
Burying the lede a bit, the article notes that McColo actually came back online briefly this past weekend, and apparently spammers very quickly worked to transfer data to Russian servers while trying to update various botnets to take commands from those servers, rather than the cut off McColo servers. There's some speculation that McColo tried to time the reconnect to weekend hours when most working stiffs wouldn't notice. However, Swedish telco TeliaSonera, who provided the connection (thanks to an old agreement the two firms had) pulled the plug within hours of being notified.
It's also worth noting that McColo hasn't made any public statements since this whole situation came about, which certainly raises questions about how much the folks who ran the company knew about how their network was being used. Even though it sounds like spammers may not have been able to regain full control over their botnets, it seems likely that they did regain some control, and spam levels are likely to get back to where they were in rather short order.