Srizbi is one of the largest botnets in the world, and is the very same one that was responsible for all the spam sent via McColo recently. As we've all read all over the Internet, the botnet revived and now operates from Estonia. Nothing new there. What is interesting, though, is that FireEye Malware Intelligence Lab made a very nice writeup of the inner workings of the botnet in general, along with a quite detailed analysis of the mechanism that made Srizbi available again to its bot herder.
Earlier this month, FireEye also explained how to find out if your PC is part of the Srizbi botnet, and what to do about it if it is.
