DV Hardware bringing you the hottest news about processors, graphics cards, Intel, AMD, NVIDIA, hardware and technology!

   Home | News submit | News Archives | Reviews | Articles | Howto's | Advertise
DarkVision Hardware - Daily tech news
October 21, 2016 
Main Menu
News archives

Who's Online
There are currently 93 people online.


Latest Reviews
Zowie P-TF Rough mousepad
Zowie FK mouse
BitFenix Ronin case
Ozone Rage ST headset
Lamptron FC-10 SE fan controller
ZOWIE G-TF Rough mousepad
ROCCAT Isku FX gaming keyboard
Prolimatech Magnetic Pin

Follow us

Estonian ISP cuts off Srizbi botnet control servers

Posted on Saturday, November 29 2008 @ 00:02:12 CET by

Yahoo News writes an Estonian ISP that temporarily hosted the command and control servers for the Srizbi botnet, which is responsible for a very large chunk of all spam on the Internet, has cut off those servers.
Starline Web Services, based in Estonia's capital Tallinn, had hosted four domain names identified as the control points for Srizbi, according to researchers from computer security firm FireEye.

Hundreds of thousands of PCs around the world infected with Srizbi, a difficult-to-remove rootkit that is used for sending spam, were programmed to seek new instructions from servers in those domains. Srizbi is considered one of the more powerful botnets, with at least 450,000 PCs infected. It is estimated that half of the world's spam originated from computers infected with Srizbi. Spam remains a profitable business for cybercriminals.


The spammers, however, needed a new ISP to host those servers, at least for a while. They found Starline Web Services, a very small ISP, but that provider has since also cut them off.

"I was satisfied that those sites were closed down," said Hillar Aarelaid, chief security officer for Estonia's Computer Emergency Response Team (CERT), on Thursday.

Attempts to contact Starline Web Services were unsuccessful. But Aarelaid said CERT has been in contact with the company, and it does appear to be responsive to complaints about abuse.

Starline Web Services buys its connectivity from Compic, another Estonian company. Compic has been flagged by Estonia's CERT as having Web sites hosting malicious software, said Tarmo Randel, an information security expert at the organization.

Randel said CERT has "constantly" notified Compic about malware they've hosted. Compic will take action to remove the sites depending "on how loud we scream," Randel said. Compic usually reacts fast when CERT sends a complaint e-mail -- and copies the Estonian Criminal Police, Randel said.



DV Hardware - Privacy statement
All logos and trademarks are property of their respective owner.
The comments are property of their posters, all the rest © 2002-2016 DM Media Group bvba