Spam levels remain down following McColo shutdown

Share this article:

Though worldwide spam levels are still diminished in the wake of the McColo web hosting-company shutdown, it may only be a matter of time before they come roaring back.

According to security experts from the Marshal8e6 TRACE Team, the volume of spam around the world fell by as much as 70 percent after two internet service providers pulled the plug on McColo. McColo was hosting the command-and-control infrastructure for three of the world's most prolific spam botnets: Srizbi, Mega-D and Rustock. When McColo was shut down, spam-sending bot computers could not phone home.

"This is the most significant single event in the fight against spam we have ever seen," said Phil Hay, lead threat analyst with the TRACE Team. "Unfortunately we do not expect this situation to last."

One sanguine consequence of the McColo shutdown is that the United States is no longer the primary source of the world's spam, according to managed security services provider Network Box, which claims that China now produces more spam than any other country in the world.

Simon Heron, internet security analyst at Network Box, said: “We've also seen a significant drop in emails containing viruses and phishing attacks. This indicates that McColo's servers were also used to distribute malicious emails containing viruses, and not just the usual junk marketing mail.”

Although the amount of spam has not returned to normal levels in the wake of the McColo takedown, cybercriminals likely will be better prepared going forward.

 

"It is a cliche, but the fight against spam is a game of cat-and-mouse," Hay said. "Over the longer term, the spammers will learn from this incident and will probably evolve their botnet control systems. They may adopt a more resilient peer-to-peer or layered model where control servers are harder to access and spread among many hosts.”

Share this article:

Sign up to our newsletters

More in News

Five schools earn NSA's excellence in cyber ops distinction

The schools earned NSA's Centers for Academic Excellence designation for their cyber offerings.

With RATs at their disposal, 419 scammers target businesses

With RATs at their disposal, 419 scammers target ...

A new report reveals how Nigeria's 419 scammers are spreading malware to pocket business funds.

InfoSec pros worried BYOD ushers in security exploits, survey says

InfoSec pros worried BYOD ushers in security exploits, ...

A study by the Information Security Community on LinkedIn found most organizations don't have proper polices and support for BYOD.