Srizbi

from Wikipedia, the free encyclopedia

Srizbi is currently one of the largest botnets and one of the main sources of the global flood of spam sent through spam relays (according to Marshal Limited, 39% of all spam emails are sent via Srizbi). With 315,000 hijacked computers, Srizbi has already overtaken the well-known Storm Worm botnet, which comprises an estimated 85,000 drones. The likely reason is Microsoft's software removal tool, which now detects the malicious code of the Storm Worm network.

Distribution

The botnet spreads through a Trojan of the same name (Trojan.Srizbi), which is usually hosted on infected web pages. Links to these pages are sent out in spam emails.

Combat

Srizbi's activity was significantly curtailed after two providers that Srizbi used for its command and control servers, including the infamous hosting company McColo, were taken offline. The Trojan that adds computers to the Srizbi botnet will soon be detected by Microsoft's “Malicious Software Removal Tool” (MSRT). This could shrink the botnet further.
