Thursday, November 27, 2008

Estonian ISP Cuts off Control Servers for Srizbi Botnet

Jeremy Kirk writes on PC World:

An Estonian ISP that temporarily hosted the command-and-control servers for the Srizbi botnet, responsible for a large portion of the world's spam, has cut off those servers, according to computer security analysts.

Starline Web Services, based in Estonia's capital Tallinn, had hosted four domain names identified as the control points for Srizbi, according to researchers from computer security firm FireEye.

Hundreds of thousands of PCs around the world infected with Srizbi, a difficult-to-remove rootkit that is used for sending spam, were programmed to seek new instructions from servers in those domains.

Srizbi is considered one of the more powerful botnets, with at least 450,000 PCs infected. It is estimated that half of the world's spam originated from computers infected with Srizbi. Spam remains a profitable business for cybercriminals.

More here.


Post a Comment

<< Home