Spam declines after hosting company shut-down

MessageLabs documented a drop in spam eight times less than normal in the 12 hours immediately following the takedown.

(Credit: MessageLabs)

Internet hosting site McColo disappeared on Tuesday. Along with it went thousands of pieces of spam, thanks, in part, to investigative work by Washington Post reporter Brian Krebs.

For about four months, security experts have been collecting data about McColo Corp., a San Jose, Calif.-based Web hosting service that may have been used by by the cyber underground, according to the The Washington Post. Krebs said that the McColo hosting company had been responsible for up to 75 percent of all spam spent.

Security vendor MXLogic said it was seeing about a 50 percent decline in spam volume as a result on Wednesday.

Jose Nazario of Arbor Networks, a company that monitors botnet activity, speculated that McColo vanished at around 9 a.m. Eastern time on November 10. Botnets are frequently used to relay spam, and McColo may have hosted some of the command and control servers necessary to coordinate spam campaigns.

Adam O'Donnell, writing on theZDNet Zero Day blog, speculates that the spammers might regroup in Eastern Europe.

The Post credits Benny Ng, director of marketing for Hurricane Electric, an upstream provider for McColo, for pulling the plug on the company. Another provider, Global Crossing, declined to comment, telling Krebs the company "communicates and cooperates fully with law enforcement, their peers, and security researchers to address malicious activity."

Something similar happened in September when another hosting site, Intercage/Ativo, was shut down by its upstream providers.

[karpenterskids]

Yay! That's great news.

I still got about 7 spam messages today, so I guess whoever's been spamming me is using something other than McColo's hosting.

Here's to hoping they'll get caught/shut down soon.

[JoeF2]

Only 7? I've got 22 so far today, but that's significantly down from the 100+ per day I was seeing until recently. The Intergace shutdown in September slowed it down a bit, but it seems this latest crackdown really made a difference.
Let's hope it stays this way.

[karpenterskids]

Wow...100+?
You should be more careful where you share your email address.

[gsmiller88]

I've got three today.

[karpenterskids]

Eh, today I've already received 21.

But they're not the same style of spam as before...it's like someone else has started targeting me or something.

[gerrrg]

My gmail spam collection is curiously low.

[Michichael]

Gotta love good ol Cyber-warfare.

[Lerianis]

Well, it's about time that ANY account that sent out more than 100 e-mails a day (personally, I send out maybe 2 a day, if that!), were investigated HARSHLY.

[moucon]

That's absolute crap. Legit businesses of all kinds have so send more than 100 emails daily - I respond to that many or more myself some days. You, OTOH, only send 2 because you have no friends and no life.

[eddy m]

Any account? I have to send out hundreds, sometimes thousands of emails a day - quite legitimately - to employees of my clients. The conference industry would have to go back to the dark ages if your advice were followed.

[ghostfear]

Mr Ng is my hero!

[sundance808]

we're seeing about 25% less traffic in our mail servers, since about 98%-99% of all emails is spam.. it means that there's still several deadbeats out there.

[kcotham]

Why do these people keep sending spam? Does anyone really buy the crap they are selling? Most of the e-mails I get aren't even legible! If I had my way, I'd take these spammers out, tar and feather them, stone them, then have them drawn and quartered, just to make sure. Sub-human scum! Is spamming a felony? If not, it should be.

[moucon]

You don't have to buy anything... if they install a backdoor to your machine and turn you into a zombie in their Bot-Net, they're stealing your CPU cycles.

[i_am_still_wade]

Yes. Some spam king in Europe was making millions of dollars off spam. He was pushing medication and actually was fulfilling the orders. But nobody knows if the drugs he was sending were the real deal.

Spam is still around because it works. Some try to steal personal information, some try to sell you something, some try to install malware. All work. Until it stops working, it won't go away.

[kcotham]

I still say that we need to make the penalties for these spammers so stiff it simply won't be worth the risk for them anymore. Put them in Leavenwoth for about 10 years, minimum or something. To quote Office Space, "federal pound you in the ass prison".

[Sallie Bailey]

Karpenter - unfortunately people don't know how - or refuse to learn - how to use 'Bcc'! My AOL friends tell me that they can't delete all those addresses at the top of a "FwdFwdFwd". Maybe they should just stop sending all the inane crap?

[1VetsOpinion]

Woohoo!! It's about time someone struck back at these cyber dirtbags! I hear ya, "kcotham"!

[chrisengler]

Nobody tried to sell me Viagra today. My life is ruined! :-)

[karpenterskids]

Well, according to my inbox...I've won 5 different foreign lotteries today, and two others for "best email of the year".


I'm richhhhh. :)

[MTGrizzly]

"If I had my way, I'd take these spammers out, tar and feather them, stone them, then have them drawn and quartered, just to make sure."

What's next, hanging jaywalkers?

Really, you need to look at this in perspective. It's an inconvenience, albeit an expensive inconvenience, but do you really think it rates execution? If we execute spammers, what do we do to murders?

[inachu]

I sure would love to drag the guy who cut me off on the highway within inches of my bumber going 57 mph.

[colamix]

They should never make a move on these dirtbags unless it's to bust down their doors and throw them in jail. They are like cockroaches scattering only to come back in force.

[Shutterstuff]

They need to pull more plugs. They have the know how to find the hosting sites, if they keep shutting them down they will slowly go away. Personally, I have long been in favor of dumping SMTP for a more secure method of mail transport. I said this almost 9 years ago at ISPCon. And I am down to 16 spams today from 72 yesterday. karpenterskids, look up "dictionary attack" before you go blaming someone for being loose with their email address. I have one address I set up and have NEVER given out and it gets spam!

[NickH]

More to the point, why should I have to keep my email address a secret?

[karpenterskids]

yeah, I definitely agree that some of it comes from "dictionary attacks"...but a lot of spam also comes from web crawlers as well.

which is why I asked. :)

[jm808]

This is good news. For those involved in this shut down thanks for your hard work. And I do have less spam at my gmail spam folder - only 7 today vs 17 two days ago.

[Neotrope]

About freaking time. We've been forwarding spam originating from Hurricane Electric clients and hitting our servers for quite some time and it's good they finally investigated their client activities and did something about it. If it spams like a duck, it probably is a duck.

[CharlesWDavis]

Spammers are no different than the 480 minutes of commercial advertising on each and every broadcast TV channel. Even more on Cable delivery. Isn't the 10 to 15 minutes of "previews" on each DVD that you buy spam. The daily newspaper is more than 50 percent spam. The TV shows themselves are becoming more aggressive with using branded products in a manner in which you can't avoid the message.

I recognize that much of the SPAM content is somewhat "less than mainstream" language. But the Viagra ads run on TV networks.

Note: I define spam as unwanted commercial advertising no matter how delivered. I hate it, but understand it.

[pactumweb]

Charles, your analogy is thoroughly faulty. Broadcast TV costs money to produce; the reason there is no subscription fee is because the advertisers pay the broadcasters. Thus, ads support NBC, ABC etc. The same can be said for internet sites that have usable content, but support themselves via ads rather than by charging a subscription. THAT IS NOT SPAM.

Spammers do not support the internet in any way, shape, or form. Rather the opposite. Regular advertisers are a boon, as they make television or other media affordable for the consumer, and that's in a very direct way. Spammer do not make internet usage affordable; rather, they suck up resources. Put another way: Unlike legit advertising, genuine spam is parasitical.

Point being: your definition of spam is faulty.