The fall in global spam levels after the shutting of web hosting company McColo looks to be short-lived after researchers reported that the Srizbi botnet has been reactivated.
Srizbi is thought to comprise more than 500,000 computers, and is estimated to be responsible for up to 40 per cent of the world's spam. Researchers at security consultants FireEye are now warning that Srizbi, and other botnets, have been reactivated.
"Srizbi has returned from the dead and began updating all its bots with a fresh new binary just a few hours ago," FireEye reported.
"In the coming days, many journalists and researchers will ask how it is possible that the largest botnet in the world was allowed to update itself, when a security firm had near complete control over it. This is an interesting angle that we'll be exploring once all the technical facts are out on the table."
The Srizbi botnet command and control systems were initially put back online in Estonia, but have since been taken down.
The researchers also reported that the Rustock rootkit is also back in circulation and is sending a variety of spam based on social engineering and the sale of medical products.
Spam levels to rise as Srizbi returns
By Iain Thomson on Nov 28, 2008 10:51AM