I came across this article last night, “Botnet Operators Gearing Up for Valentine’s Day Spammers try to play Cupid, with a dark twist” by Richard Adhikari with Internet News (http://www.internetnews.com/security/article.php/3802331) and can’t help but think there is nothing new here.
The “bad guys” are well funded and have developed sophisticated tool-sets to evade detection by content driven and IP reputation based security systems.
While I’m not extremely familiar with the term “fast flux DNS,” this is a perfect illustration of why DNS blacklisting (a.k.a. IP reputations) is such a waste of time as currently implemented by folks like Websence, etc. The “bad guys” know that as long as they are competing against reactive technologies like content filters and DNS blacklists they will ALWAYS be ahead of the curve.
