March 31, 2009 7:00 AM PDT

Postini: Spam up again following McColo takedown

by Elinor Mills
  • Font size
  • Print
  • 5 comments

It has taken spammers only four months to get their botnets back up after hosting company McColo Corp. was shut down, according to statistics due to be released on Tuesday from Google's Postini e-mail security provider.

Spam volumes dropped as much as 70 percent or 80 percent overnight when San Jose, Calif.-based McColo was shut down on November 11, 2008. McColo was hosting command and control servers that were being used to send instructions--like send spam or Trojans--to bot software planted on PCs, mostly in the U.S.

By the second half of March, seven-day average spam volume was at the same volume as prior to the McColo shut down, and overall spam volume during the first quarter was up an average of 1.2 percent per day--the strongest since early 2008, Postini said. By comparison, spam grew about 1 percent per day in the first quarter of last year, which was a record high at the time.

"Spammers have essentially spent this time rebuilding their botnets," Adam Swidler, Postini product marketing manager, said in an interview on Monday.

However, the spammers appear to be using new techniques that are more resilient to ISP shutdowns, such as using peer-to-peer technology to send instructions between computers rather than having one command-and-control computer communicate with botnets, he said.

Also new is the use of location-based spam, such as e-mails touting fake news customized to the geographical location of the recipient. Other popular spam topics during the quarter continued to be related to the economy, financial markets, and layoffs, Postini said.

More information is in the Official Google Enterprise Blog.

Elinor Mills covers Internet security and privacy. She joined CNET News in 2005 after working as a foreign correspondent for Reuters in Portugal and writing for The Industry Standard, the IDG News Service, and the Associated Press. E-mail Elinor.
Topics:

Vulnerabilities & attacks

Tags:

Postini,

Google,

spam

Share:
Digg
Del.icio.us
Reddit
Recent posts from Security
Q&A: Researcher Karsten Nohl on mobile eavesdropping
RockYou sued over data breach
Hacker Gonzalez pleads guilty in Heartland breach
Microsoft rebuts IIS vulnerability claims
More attacks expected on Facebook, Twitter in 2010
GSM crypto code cracked, engineer says
Web-based Lookout protects mobile devices, data
Hackers claim to crack Kindle copyright armor
Related
Google wants to unclog Net's DNS plumbing
More attacks expected on Facebook, Twitter in 2010
Facebook sues men for allegedly phishing, spamming
Amazon EC2 cloud service hit by botnet, outage
Using Facebook and Twitter safely
Behind the scenes: NORAD's Santa tracker
The five biggest digital audio duds of 2009
Buzz Out Loud Podcast 1122: AT&T blames the children
Add a Comment (Log in or register) (5 Comments)
  • prev
  • 1
  • next
by Seaspray0 March 31, 2009 9:26 AM PDT
Wouldn't it be nice if someone took control of the spammer's botnets and redirected them to do a DDOS attack against the spammers themselves?
Reply to this comment
by Perry_Clease March 31, 2009 10:24 AM PDT
I noticed a slightly higher number of spams over the last few dayst.

Seaspray, I would rather seem them prosecuted and jailed.
Reply to this comment
by Eddie-c March 31, 2009 11:14 AM PDT
Rather have them, publically, strung up by their danglies and left like that for a few days with a web-cam on them ;) Hmm... pay-per-view idea ... how much could you make off that? lol
Reply to this comment
by kojacked March 31, 2009 12:12 PM PDT
Since you are probably never going to catch them it would be better to sabotage their infrastruture. Fight fire with fire. Also they should go after the companies they are spamming for. Fine them heavily for using such "services".
Reply to this comment
by Dalkorian March 31, 2009 4:34 PM PDT
by kojacked March 31, 2009 12:12 PM PDT
Also they should go after the companies they are spamming for. Fine them heavily for using such "services".

----------------------------------------------------------------------------

Best idea I've heard in a while on this topic. We can identify "spam" pretty easily and it invariably leads somewhere (someone is trying to make money). Fine them ridiculous amounts, like a million bucks per spam message. That would send a message, trust me they would stop paying for it in an instant if they thought they could be financially trashed like that for it! Once the companies stop paying, the spam will virtually stop. It only continues because it's making money for the scumbags.
(5 Comments)
  • prev
  • 1
  • next
advertisement

15 sites that went kaput in 2009

Web sites launch all the time, but they also shut their doors. We highlight 15 that bit the dust this year.

Top 10 news stories of the decade

Let the debate begin: Was the iPhone more important than iTunes? Was anything bigger than Google finding a great business model? CNET offers its list of the 10 most important stories of the '00s.

About Security

Online security is threatened by more than hacking and phishing attempts. Check here for the latest updates on software vulnerabilities, data leaks, and rapidly spreading viruses--and learn how to protect your systems.

Add this feed to your online news reader

Security topics

advertisement
advertisement

Inside CNET News

Scroll Left Scroll Right
News
News site map
Latest headlines
Contact News
News staff
Corrections
CNET blogs
Popular topics
Apple iPhone
Apple iPod
Cell phones
CES 2010
GPS
LCD TV
CNET sites
CNET Site map
CNET TV
Downloads
News
Reviews
Shopper.com
More information
Newsletters
CNET Mobile
Customer Help Center
RSS
CNET Widgets
About CNET