SANS Institute threatened in zombie spam message

The US SANS Internet Storm Center on Thursday received a malware sample that contained code with a not-so-endearing message for the organisation.


"You better f*** off SANS.org, especially that Johannes Ullrich (his email and phone number) and Kevin Hong (his email and phone number)," the message said, according to a post today on the organisation’s blog. "I really don’t have anything against you, just piss off alright?"

Ullrich, chief research officer of the SANS Institute, told SCMagazine.com today that the tone of the message suggests the author is not a professional.

He thinks the culprit behind the zombie spam is someone SANS recently reported to a DNS provider, telling the company the spammer was using its server to control botnets.

Ullrich assumed the message was meant as retaliation – but he wasn't offended.

"I take it somewhat as confirmation that we’re right on track here [with stopping spammers]," he said.

SANS is not the only organisation that has been on the receiving side of cybercrooks’ wrath lately.

DoS attacks have hit online security and privacy volunteer community site CastleCops for the last couple of weeks.

"Someone isn’t happy we’re up and running," said a blog on the site.

So far, SANS has not been impacted by DoS attacks, but the organisation wouldn’t be surprised if it happens soon.

That is why handler Jason Lam today reminded readers of the site’s emergency URL:

http://iscems.dshield.org/index.txt.