Spam levels remain down following McColo shutdown

Share this article:

Though worldwide spam levels are still diminished in the wake of the McColo web hosting-company shutdown, it may only be a matter of time before they come roaring back.

According to security experts from the Marshal8e6 TRACE Team, the volume of spam around the world fell by as much as 70 percent after two internet service providers pulled the plug on McColo. McColo was hosting the command-and-control infrastructure for three of the world's most prolific spam botnets: Srizbi, Mega-D and Rustock. When McColo was shut down, spam-sending bot computers could not phone home.

"This is the most significant single event in the fight against spam we have ever seen," said Phil Hay, lead threat analyst with the TRACE Team. "Unfortunately we do not expect this situation to last."

One sanguine consequence of the McColo shutdown is that the United States is no longer the primary source of the world's spam, according to managed security services provider Network Box, which claims that China now produces more spam than any other country in the world.

Simon Heron, internet security analyst at Network Box, said: “We've also seen a significant drop in emails containing viruses and phishing attacks. This indicates that McColo's servers were also used to distribute malicious emails containing viruses, and not just the usual junk marketing mail.”

Although the amount of spam has not returned to normal levels in the wake of the McColo takedown, cybercriminals likely will be better prepared going forward.

 

"It is a cliche, but the fight against spam is a game of cat-and-mouse," Hay said. "Over the longer term, the spammers will learn from this incident and will probably evolve their botnet control systems. They may adopt a more resilient peer-to-peer or layered model where control servers are harder to access and spread among many hosts.”

Share this article:

Sign up to our newsletters

More in News

Feds warn health care sector of looming cyber attacks

The FBI believes that the lax security systems that the health care industry has in place make it a prime target for cyber attacks.

Brazilian president signs internet 'Bill of Rights' into law

Brazilian president signs internet 'Bill of Rights' into ...

President Dilma Rousseff signed the legislation on Wednesday at the NetMundial conference in Sao Paulo.

Android trojan sends premium SMS messages, targets U.S. users for first time

Android trojan sends premium SMS messages, targets U.S. ...

An SMS trojan for Android, known as FakeInst, has been observed sending premium SMS messages to users all over the world, including, for the first time, the United States.