RSS feed of TRACElabs Blog from M86 Security

Huge Decrease in Spam

 

November 13, 2008

Yesterday, McColo Corp, the company responsible for hosting the control servers for several of the biggest spam botnets, was taken offline. The Srizbi, Rustock, Mega-D and Pushdo botnets, as well as several others, all had control servers hosted on McColo’s network. Last week these four botnets accounted for over 80 percent of all spam. In addition to botnet control servers, McColo was also known to host malicious software, fake antivirus and child pornography websites.

The hosting company was taken offline after a reporter from the Washington Post contacted two of McColo’s Internet service providers and presented them with information about the malicious activity on McColo’s network. The information was gathered from the security industry over the last four months.

Today, spam has significantly decreased, and three of the major botnets, Mega-D, Srizbi and Rustock, have almost completely stopped sending spam. Our daily spam volume index showed a massive drop over the last two days, as you can see below.

 

 

We do not expect this drop in spam to continue for long; often the people or groups responsible for the malicious activity simply move to a new host and continue as normal. Nevertheless, such a dramatic decline in spam, however short-lived, is good news indeed and represents another blow for the cyber criminals.


Last Reviewed: November 13, 2008 by Gavin Neale