Silicon Valley Spam-Slinger Knocked out Cold
Russia may not be the only place spam hosts lay in wait. Tuesday of this week San Jose webhoster McColo went offline. The result is that the world's spam rate is now down by three-quarters, at least according to the Washington Post's online service.
On November 11, two ISPs, Global Crossing and Hurricane Electric, purged the California webhosting firm McColo from its services. The next day Cisco subsidiary IronPort announced that worldwide spam activity had fallen off by as much as 75%.
An article on washintonpost.com was what triggered the whole thing. Brian Krebs, the article's author, got a tip-off and notified the two ISPs of the webhoster's criminal activities that had been logged by security firms over the last couple months.
According to Krebs's article, the San Jose based McColo hosts, among other things, some diverse botnets that security firms such as SecureWorks deal with on a regular basis. Botnets are said to be responsible for about two-thirds of the world's spams. McColo also allegedly hosts many illicit child pornography websites, as washingtonpost.com reports and appeals to readers to contact the HostExploit.com website. Linux Magazine Online has since asked for comments from a few spam specialists.
Magnus Kalkuhl is one of them. He works in the anti-virus division at Kaspersky Lab in Germany. His comment: "We can prove that a whole series of botnets are no longer active since McColo was shut down." By his assessment, the affected botnets driven by McColo servers were Srizbi, Rustock and Mega-D, which were sending up to 10 million email spams a day. But even criminal activity involves backups: "It won't be long before the spam business starts picking up again as usual," Kalkuhl says.
Comments also came from Berlin webhoster, mail expert and Linux Magazine author Peer Heinlein. Heinlein identified the shut down servers as "bullet-proof" servers. McColo is, therefore, a kind of provider who promises its clients uninterrupted service even with high complaint rates. Spammers use "bullet-proof" servers either for sending direct and huge quantities of spam mail or as command-and-control servers for botnets to infest and control user PCs.
The tear-down of the McColo servers has cost a lot of spammers their infrastructure, according to Heinlein. "Organizations like Spamhaus, through their undying effort, have provided ISPs with enough earth-shattering evidence for them to take the proper steps." However, Heinlein concurs with Krebs that spammers will be back at their game in no time: "There are a number of other bullet-proof hosters that would love to take over all the suddenly available clients. Spammers will reconfigure things so that this recent cutback will hardly be noticeable."
Indeed, not everyone has noticed the effect. For example, Ralf Hildebrandt, self-professed mail server expert and also Linux Magazine author. He works on contract basis with T-Systems Business Service as technical manager for the CharitéHospital in Berlin. He has noticed nothing of a significant spam reduction: "My statistical graphs show about the same amount of emails and the same amount of rejects."
Carnegie Mellon researchers say 3 million pages could fall down the phishing hole in the next year.
The US government rolls new best-practice rules for protecting SSH.
Klaus Knopper announces the latest version of his iconic Live Linux system.
All websites that use these popular CMS tools could be vulnerable to denial of service attacks if users don't install the updates.
According to a report, many potential victims of the Heartbleed attack have patched their systems, but few have cleaned up the crime scene to protect themselves from the effects of a previous intrusion.
DARPA and NICTA release the code for the ultra-secure microkernel system used in aerial drones.
Should you trust an online service to store your online passwords?
New B+ board lets you build cool things without the complication of a powered USB hub.
Redmond rushes in to root out alleged malware haven.
New initiative will bring futuristic virtual reality effects to the web surfing experience.