Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Mobile Vulnerabilities

  • Zero-Day Alerts

  • Recent Posts

  • Calendar

    August 2015
    S M T W T F S
    « Jul    
  • Email Subscription

  • About Us

    It looks like spam volume has taken a turn for the better, at least for now.

    After a couple of years of playing a shell game with security researchers, spam giant McColo Corp. was finally disconnected. Hosting major operations related to porn, credit card theft, fraud and other nefarious criminal activities, McColo posed as a legitimate corporate entity and conducted its business operations in Silicon Valley. On a global level, McColo is reportedly accountable for anywhere from 50 to 75 percent of all spam activity on the planet.

    Trend Micro contributed research & intelligence to the Cyber Crime Report, which detailed the criminal activity occurring inside of McColo for the past two years. Advanced Threats Researcher Paul Ferguson worked with other security researchers to compile the necessary information on those activities, which compelled their upstream ISPs to terminate connectivity to McColo after this information was made public.

    McColo’s Internet Service Providers – Global Crossing and Hurricane Electric, were alerted by these investigators of their criminal activities, and once presented with details of this investigation, the ISPs immediately ceased their connectivity services with McColo.

    This event definitely is a big blow to spam in general, however, it may be a very short-lived victory. The criminal operatives affected by these actions will most certainly make every attempt to move their operations elsewhere — we are watching.

    The Trend Micro Email Reputation Services (ERS) detected a 40% drop in spam activity immediately following the termination of McColo’s connectivity:

    ERS spam count

    Not only have we seen a dramatic drop in spam inside of Trend Micro’s back-end correlations systems, but the rest of the world continues to see the dramatically lower volumes of spam:

    This small victory will most likely be short-lived, as it is almost certain that these obviously profitable criminal operations are too valuable for these criminal operations to be abandoned.

    But Trend Micro customers won’t be without protection — the Trend Micro Smart Protection Network will block spam messages even before they reach users’ inboxes, and we are doing continual due diligence to ensure that all of the badware associated with these criminal operations is blocked before you ever see it.

    With additional editorial input by Paul Ferguson, Advanced Threats research.

    Update: 15 Nov 2008, 21:42 PST: It appears that McColo is back “on the air” as of this afternoon, so we’ll have to see what happens next.

    Update: 16 Nov 2008, 09:30 PST: McColo is once again “off the air” as of this morning.

    Share this article
    Get the latest on malware protection from TrendLabs
    Email this story to a friend   Technorati   NewsVine   MySpace   Google   Live   StumbleUpon


    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice