Big Victory in Fight Against Spam: Major Spam Host Axed

By Josh Catone

The Washington Post is reporting that a US host allegedly responsible for a whopping 75% of the junk email sent out globally on a daily basis has been knocked offline. “For the past four months, Security Fix has been gathering data from the security industry about McColo Corp., a San Jose, Calif., based Web hosting service whose client list experts say includes some of the most disreputable cyber-criminal gangs in business today,” writes the Post’s Brian Krebs.

According to Benny Ng, director of marketing for Hurricane Electric, which was one of the major backbone providers for McColo, the company decided to shut down the rogue hosting provider after being contacted by Security Fix, the web fraud blog at the Post authored by Krebs. “We looked into it a bit, saw the size and scope of the problem [Security Fix was] reporting and said, ‘Holy cow!’ Within the hour we had terminated all of our connections to them,” Ng said.

In addition to controlling spam-producing botnets, McColo’s bad practices extended to other illegal activities, such as hosting child pornography, sites that managed payment processing for spam and child porn, and a Trojan horse operation that apparently swiped banking and credit card information from hundreds of thousands of people. Suffice it to say, they won’t be missed.

However, don’t expect the level of spam in your inbox to decrease — or not by much, and not for long. As we reported earlier this week, spam is still a vastly profitable endeavor, and spammers are very resourceful. They won’t simply disappear now that one of the largest spam hubs is gone — they’ll just find a new place to blast their spam from.

“With McColo gone off the air, I do not suspect I’ll find little to do in the coming weeks, months, and year, the badness they hosted will simply move,” wrote Jose Nazario of Arbor Networks, a web security firm.

One major question is why it has taken so long for McColo to be stopped. According to security experts, they’ve been a known offender for quite some time, but authorities have been slow to act.

“There is damning evidence that this activity has been going on there for way too long, and plenty of people in the security community have gone out of their way to raise awareness about this network, but nobody seems to care,” Paul Ferguson, a threat researcher with computer security firm Trend Micro, told the Washington Post. “It’s a statement on the inefficiencies of trying to pursue legal prosecution of these guys that it takes so long for anything to be done about it. Law enforcement is saying they’re doing what they can, but that’s not enough. And if law enforcement can’t address stuff like this in a timely fashion, then the whole concept of law enforcement in the cyber world needs to be readdressed, because it’s hardly making a dent at the moment.”

  • I wonder if it’s that profitable to spam other people. I mean you have to run a really large and complex infrastructure for this…

  • I noticed a drop in the amount of spam in my inbox over the past week or so. It may have been because of this, but I guess it will come back once the spammers find a new host. :(

    I agree that law enforcement agencies need to do more to combat this. Although I know international boundaries are often a problem as spam in the US can be coming from Slovakia or wherever…

  • I wonder if it’s that profitable to spam other people. I mean you have to run a really large and complex infrastructure for this…

    If it wasn’t, they wouldn’t do it, so it must be!

  • antiquerze

    It is profitable; I just read an article here or somewhere else about it. Pretty sad though.

  • It’s interesting it’s considered a big victory – but don’t expect the amount of SPAM you receive to drop… hmmm… doesn’t sound like a victory. Not to mention that at least most people had this spam blocked because the IP and ISP are on the black lists… now they’ll move to servers that haven’t been blacked out.

  • TV-net

    Yes, then those IPs come back into circulation and a totally innocent webmaster gets one dished out and is then blacklisted, causing them undue hassle.

  • GS

    As long as the world has idiots, spammers will thrive since there is money to be made. Also nobody seems to care about solving the problem since it gave birth to a whole new industry (see Postini and the rest) for filtering your mailbox. Unless some of those hosts are brought to justice for causing millions of damage and expense to businesses around the world, the spam industry will thrive. And they will find hosts in Russia and China who nobody can touch. Personally if I could block all Internet traffic from these two places I would be the happiest system administrator in the world…
