Skip to main content
  1. Home
  2. Computing
  3. News

Spam Levels Rising After McColo Shutdown

Geoff Duncan
By
Spam Levels Rising After McColo Shutdown

Last November’s shutdown of bot-controller-friendly hosting provider McColo had a surprisingly signficant—and long-lasting—impact on the worldwide spam problem, with some sites reporting as much as a 70 percent drop in inbound spam after McColo’s connectivity was switched off. Despite claims it was a responsible ISP on the forefront of the war against spam, the reality was that McColo played host to a number of systems that served as controllers for vast hordes of bot-infected computers around the world. The controllers at McColo would send commands and data to the infected bots, and the bots would start sending spam and malware out to millions of Internet users. With the shutdown of McColo, spam activity worldwide dropped significantly, and the spread of malware like the Windows-infecting Srizbi and Storm worms largely ceased.

But now, the spammers are coming back, and they’ve reengineered their control systems to avoid creating a single point of failure like McColo. And some spam fighters think spam might get back up to pre-shutdown levels as soon as the end of January. And while some new botnets are still staying quiet, others have begun sending spam at prodigious rates: including Mega-D (Ozdoc) at more than 26 million spams a minute, and Cutwail (Pandex) with more than a million bots under its control. Other active botnets include Xarvester, Donbot, and Waledac.

Recommended Videos

"For now, the botnet controllers are clearly focusing on growing and developing this new botnet resource rather than using it to spam, "said MessageLabs analyist Paul Wood, in a statement. "The potential of these botnets to spam in large volumes is a major concern. In particular, Waledac is believed to be the next generation of the infamous botnet Storm (Peacomm)."

Related

Google’s enterprise group—which runs the Postini Message Security network—notes spam rates are up 156 percent since November 2008, when McColo was taken down. Google expects 2009 to see an increase in viruses sent via email, as well as blended attacks that try to lure uses to sites that install malware on unprotected PCs in order to take them over as bots. One reason? Botnet operators looking to expand their footprints and rebuild their capacity after the McColo shutdown.

Editors' Recommendations

Geoff Duncan
Geoff Duncan
Former Digital Trends Contributor
Geoff Duncan writes, programs, edits, plays music, and delights in making software misbehave. He's probably the only member…
Even the new mid-tier Snapdragon X Plus beats Apple’s M3
A photo of the Snapdragon X Plus CPU in the die

You might have already heard of the Snapdragon X Elite, the upcoming chips from Qualcomm that everyone's excited about. They're not out yet, but Qualcomm is already announcing another configuration to live alongside it: the Snapdragon X Plus.

The Snapdragon X Plus is pretty similar to the flagship Snapdragon X Elite in terms of everyday performance but, as a new chip tier, aims to bring AI capabilities to a wider portfolio of ARM-powered laptops. To be clear, though, this one is a step down from the flagship Snapdragon X Elite, in the same way that an Intel Core Ultra 7 is a step down from Core Ultra 9.

Read more
Gigabyte just confirmed AMD’s Ryzen 9000 CPUs
Pads on the AMD Ryzen 7 7800X3D.

Gigabyte spoiled AMD's surprise a bit by confirming the company's next-gen CPUs. In a press release announcing a new BIOS for X670, B650, and A620 motherboards, Gigabyte not only confirmed that support has been added for next-gen AMD CPUs, but specifically referred to them as "AMD Ryzen 9000 series processors."

We've already seen MSI and Asus add support for next-gen AMD CPUs through BIOS updates, but neither of them called the CPUs Ryzen 9000. They didn't put out a dedicated press release for the updates, either. It should go without saying, but we don't often see a press release for new BIOS versions, suggesting Gigabyte wanted to make a splash with its support.

Read more
ExpressVPN Deals: Save 49% when you sign up today
Express VPN logo.

VPNs have become pretty important in the modern world, whether it's a matter of unlocking geo-blocked content or providing an extra layer of security to your connection when you're out in public. Luckily, one of the best VPNs on the market has a sale right now that will save you 49% on the regular pricing. You also get a 30-day money-back guarantee to test it out, which is great because there isn't any Express VPN free trial you can take advantage of. That said, if the deal below doesn't quite tickle your fancy, or Express VPN is not the VPN that fits your needs, you can check out some of these other great VPN deals as well.

Today's Best ExpressVPN Deal

Read more