According to an article on the official Microsoft Blog, the botnet Kelihos, also known as Waledac 2.0, was taken down on the 27th of September 2011 by Microsoft in an operation codenamed “Operation b79”. Read the full story.
As you may have read on several news sites, the botnet Rustock, one of the world’s most active spam-generating networks, is no more (R.I.P. ;-)) as of last week, March 16th, 2011. The Microsoft Digital Crimes Unit (or DCU), together with other agencies and organisations like the U.S. Marshals, started an operation, under the name "Operation … Continue reading Botnet Rustock is no longer
According to the news site Softpedia, a 27-year-old man suspected of being the Bredolab botnet runner was arrested yesterday at the Yerevan airport, Armenia. Authorities believe he is the person who was responsible for creating and managing the Bredolab botnet, which was capable of sending out 3.5 billion spam messages per day. 143 Bredolab CnC servers, … Continue reading Bredolab botnet taken down
UPDATE, Nov 27th: One of the new CnC servers, 'sdx3Fs5B.info' was resolving to 18.104.22.168 at LayeredTech. FireEye sent an abuse notification to LayeredTech when the CnC servers went online and they have pulled out the server. ---------------- Yesterday, Nov 24, 2008, I noticed a sudden spam rise. When checking some samples I found that the 'Canadian Pharmacy' … Continue reading Rustock is back online, spam levels rise again
McColo, the ISP that was taken down because of its malicious activities, was back online for a brief period thanks to the Swedish ISP TeliaSonera AB, which has a router in San Jose. The peering was revoked after complaints to the abuse email address by security from Sophos and security researcher Atif Mushtaq. During this time Rustock … Continue reading McColo up and down again, C&C servers to Russia
SMTP connections that involve spam have dropped 50% at MX Lab since yesterday. At first, we thought we faced a technical problem and all systems were checked to be sure, but there were fewer SMTP connections that contained spam. Today we still noticed a very low level of spam volume. Several news sites report that … Continue reading Spam drops after McColo Corp taken offline