The Washington Post is reporting that a US host allegedly responsible for a whopping 75% of the junk email sent out globally on a daily basis has been knocked offline. “For the past four months, Security Fix has been gathering data from the security industry about McColo Corp., a San Jose, Calif., based Web hosting service whose client list experts say includes some of the most disreputable cyber-criminal gangs in business today,” writes the Post’s Brian Krebs.
According to Benny Ng, director of marketing for Hurricane Electric, which was one of the major backbone providers for McColo, the company decided to shut down the rogue hosting provider after being contacted by Security Fix, the Post’s web fraud blog authored by Krebs. “We looked into it a bit, saw the size and scope of the problem [Security Fix was] reporting and said, ‘Holy cow!’ Within the hour we had terminated all of our connections to them,” Ng said.
In addition to controlling spam-producing botnets, McColo’s bad practices extended to other illegal activities, such as hosting child pornography, sites that managed payment processing for spam and child porn, and a Trojan horse operation that apparently swiped banking and credit card information from hundreds of thousands of people. Suffice it to say, they won’t be missed.
However, don’t expect the level of spam in your inbox to decrease — or not by much, and not for long. As we reported earlier this week, spam is still a vastly profitable endeavor, and spammers are very resourceful. They won’t simply disappear now that one of the largest spam hubs is gone — they’ll just find a new place to blast their spam from.
“With McColo gone off the air, I do not suspect I’ll find little to do in the coming weeks, months, and year, the badness they hosted will simply move,” wrote Jose Nazario of Arbor Networks, a web security firm.
One major question is why it has taken so long for McColo to be stopped. According to security experts, they’ve been a known offender for quite some time, but authorities have been slow to act.
“There is damning evidence that this activity has been going on there for way too long, and plenty of people in the security community have gone out of their way to raise awareness about this network, but nobody seems to care,” Paul Ferguson, a threat researcher with computer security firm Trend Micro, told the Washington Post. “It’s a statement on the inefficiencies of trying to pursue legal prosecution of these guys that it takes so long for anything to be done about it. Law enforcement is saying they’re doing what they can, but that’s not enough. And if law enforcement can’t address stuff like this in a timely fashion, then the whole concept of law enforcement in the cyber world needs to be readdressed, because it’s hardly making a dent at the moment.”