McColo Shut Down Halts 75% of Spam
Allegedly hosting "some of the most disreputable cyber-criminal gangs in business today" according to Washington Post reports, web hosting provider McColo (www.mccolo.com) after going offline this week has reduced the global amount of spam by three quarters according to some estimates.
The take-down of San Jose-based hosting company McColo.com by two of its upstream providers on Tuesday afternoon, after which Internet security firm SophosLabs (www.sophos.com) recorded a more than 75% decline in connections to its spamtrap mail servers. Similarly, security firm IronPort (www.ironport.com) reported a 70 percent drop in spam over the last two days and MXLogic (www.mxlogic.com) a 50 percent reduction.
The Washington Post's Security Fix blog has been watching McColo (www.mccolo.com) for the past four months, finding that the San Jose host may be hosting "some of the most disreputable cyber-criminal gangs in business today," including child pornography, phony anti-virus scams and malicious software that has stolen banking and credit card information from more than half a million people globally.
In its latest Cyber Crime USA report, Hostexploit.com security researchers said the company has played "a key role in managing world's major botnets, and malware warehousing, which has been estimated as partially controlling 50 to 75 percent of the world's spam."
SophosLabs' Ross Thomas wrote in a blog post, "The company (McColo) is alleged to have been hosting command-and-control mechanisms for several large botnets such as Rustock, Srizbi, Dedler, Storm, Mega-D and Pushdo, which are estimated to have infected more than 600,000 home computers, spreading more than 100 billion spam emails per day."
McColo has been identified as a questionable host since at least June 2006, when by tracking its , McColo's IP addresses seemed to have leased a large range of IP addresses to Moscow-based Digital Infinity, which was found responsible for Psycheclone, a web bot used for harvesting e-mail addresses. According to the Code Cave blog (www.thecodecave.com), McColo's IP addresses have also been "a major source of Wordpress comment spam."
A Wednesday Washington Post report by Brian Krebs states that it is uncertain if US law enforcement will do anything about McColo's alleged negligence in hosting scams and illegal content.
It is, he wrote, "unclear is the extent to which McColo could be held legally responsible for the activities of the clients for whom it provides hosting services. There is no evidence that McColo has been charged with any crime, and these activities may not violate the law." He notes that liability is typically decided based on if the hosting provider is aware of the content.
No responsibility can be taken for the content of external Internet sites.
Return to hosting news headlines
View Hosting News Archive