The spammers who have been launching DDoS attacks against Spamhaus and other anti-spam sites have now launched an attack against spamnation.info. We've been expecting this for a while, so it doesn't exactly come as a surprise. The site may be a little slow until the attack dies down.

The current attack seems to be significantly larger than January's attack: at one point earlier today I counted more than 1200 clients engaged in launching an HTTP flood against the site. The trend definitely seems to be towards ever larger and higher profile attacks, with a clear goal of shutting down or silencing anti-spam sites that are interfering with the spam business.

The attackers in this case are believed to be using a botnet built using a new version of the Storm Worm (aka Zhelatin) malware. The group behind this are also believed to have been behind a number of similar attacks, including the attack that took down Blue Security last year, as well as January's attack on spamnation.info and other sites.

It's interesting to speculate about the motives behind these attacks. One school of thought holds that they're essentially a temper tantrum, a sign of spammer frustration at anyone who has the temerity to interfere with their God-given right to sell sugar pills to the gullible. But a DDoS attack doesn't come free. Current thinking is that the botnet herders are essentially service providers. Their business consists of building botnets and renting them to spammers for use. The spammer who wants to commission a DDoS attack has to pay for the privilege, and he has to pay top dollar. DDoS attacks attract unwelcome attention to the botnet and its operators, so herders reportedly charge higher rates for carrying them out. Flowers are fine, but ordering a DDoS attack is the way to show that you really care.

The war goes on. Both sides have weapons still up their sleeves. It's business as usual.