Waledac botnet returns to clog up our networks

According to Patrik Runald, senior research manager with Websense, Waledac appeared in a new version in the last days of 2010, sending out large amounts of New Year related spam messages.

It then stopped spamming on the evening of January 4th, but on Tuesday 11th January, a further new variant of Waledac was distributed to members of the botnet.

On Wednesday 12th, he says, it started spamming again, but now it's back to sending pharmaceutical spam promoting "the magic blue pill" which we have seen previous versions of Waledac do in the past.

"As in previous spam campaigns, the spammers are using redirections via compromised legitimate sites", he said, adding that, when clicked, the link leads to your average Canadian pharmaceutical spam page.

Websense isn't the only IT security vendor that is tracking a surge in spam, as Commtouch's just-released analysis of spam trends shows that, whilst the levels were down during the fourth quarter of 2010, they have soared this last week.

According to the firm, the average amount of spam for the fourth quarter of 2010 was 83% of all email sent world-wide, down from 88% in the third quarter. The number of zombies active in the fourth quarter was on average 15% less than in the previous quarter.

"An inactive botnet is like an idle factory, a money-losing proposition for spammers", said Asaf Greiner, Commtouch's vice president, who added that his team has seen situations where, after a lull in spam or malware distribution, a new tactic was introduced.

"Threat experts are wise to continue following changes in network behaviour in order to proactively block new threats", he said.

According to Greiner's report, spam campaigns now use small and hidden fonts combined with Twitter subject lines and links exploiting Google's cache service.

The quarter also saw the return of ASCII art spam. As for more 'modern' threats, Commtouch says that Koobface malware links continued to circulate on Facebook, while box.net, offering content sharing and synchronisation services, was used to host spam links.
