Unplugging The World's Biggest Spam Host-- Temporarily
Nov 19, 2008, 18:16 (1 Talkback[s])
WEBINAR: On-demand Event
Replace Oracle with the NoSQL Engagement Database: Why and how leading companies are making the switch REGISTER >
"The volume of junk e-mail sent worldwide dropped
drastically today after a Web hosting firm identified by the
computer security community as a major host of organizations
allegedy engaged in spam activity was taken offline, according to
security firms that monitor spam distribution online.
Host of Internet Spam Groups Is Cut Off
"In trying to get a sense of the activity attributed to McColo,
I put together a flow chart, or mind map, showing McColo's
relationship to various sites associated with botnet activity,
spam, pharmacy domains, etc...
"The upper right-hand section of the graphic highlights the
numeric Internet addresses assigned to McColo that experts, such as
Joe Stewart, the director of malware research for Atlanta-based
SecureWorks, say were used by some of the most active and notorious
spam-spewing botnets -- agglomerations of millions of hacked PCs
that were collectively responsible for sending more than 75 percent
of the world's spam on any given day (for that sourcing, see the
colorful pie chart at below, which is internet security firm
Marshal.com's current view of the share of spam attributed to the
top botnets -- again, click on it to enlarge). In the upper left
corner of the flow chart are dozens of fake pharmacy domains that
were hosted by McColo.
A Closer Look at McColo
"So why do hosting companies so often seem to tolerate spammers?
First, once you graduate to the size ranks of companies like Global
Crossing and Hurricane Electric, it’s nearly impossible to
police every one of the thousands of customers occupying your
network space. The infrastructure for monitoring their activities,
even if you had a legal right to do so, would be prohibitively
expensive and unwieldy.
McColo and the Difficulty of Fighting Spam
"Behind the scenes of the McColo and Intercage cases, a
ferocious struggle is taking place between the purveyors of
Web-based malware and loosely aligned but highly committed groups
of security researchers who are out to neutralize them.
McColo takedown: Internet vigilantism or online Neighborhood