Botnet operators who lost access to servers in China have resurfaced in Russia, according to researchers at M86 Security.
A recent government crackdown in China appears to have forced many malware botnet operators to look elsewhere, and some registrars in Russia have apparently offered refuge.
M86 Security said that 5,000 new spam domains have been traced back to two Russian registrars in the past month. Among those who have moved to Russian providers are the operators of the Zeus malware.
"It used to be Chinese registrars, and now it has been a pretty dramatic shift," Bradley Anstis, vice president of technology strategy at M86 Security, told V3.co.uk.
"Back in Russia it is kind of the same old names. These registrars have been around for a while."
Principal operations tied to the new Russian registrars are botnet spam campaigns, online casinos and online pharmacy operations.
The shift follows a clampdown on cyber crime operations in Eastern Europe and Asia. Aside from the efforts by China, authorities in Eastern Europe have sought to drive cyber criminals out of the region.
Cotton seedling freezes to death as Chang'e-4 shuts down for the Moon's 14-day lunar night
Fortnite easily out-earns PUBG, Assassin's Creed Odyssey and Red Dead Redemption 2 in 2018
Meteor showers as a service will be visible for about 100 kilometres in all directions
Saturn's rings only formed in the past 100 million years, suggests analysis of Cassini space probe data
New findings contradict conventional belief that Saturn's rings were formed along with the planet about 4.5 billion years ago