Earlier this month spam levels dropped enormously after webhost McColo got shut down but unfortunately spam levels are rising again as a major botnet named Srizbi is resurrecting:
Turns out, Srizbi's authors had planned ahead for such a situation by building into each bot a fail-safe mechanism in case its master control servers were unavailable: A mathematical algorithm that generates a random but unique Web site domain name to check for new instructions and software updates.
With such a system in place, the malware authors can regain control over the bots merely by registering the Web site names that the infected machines are trying to visit and placing the instructions there.
According to FireEye, a security company in Milpitas, Calif., that has closely tracked the botnet's actviity, a number of those rescue domains were registered Tuesday evening, apparenly directing at least 50,000 of the Srizbi-infected machines to receive new instructions and malicious software updates from servers in Estonia.
The latest statistics from SpamCop indicate spam levels have roughly doubled compared to a week ago, but they're still lower than they used to be: