A U.S. based Web hosting firm that security experts say was responsible for facilitating more than 75 percent of the junk e-mail blasted out each day globally has been knocked offline following reports from Security Fix on evidence gathered about suspicious activity emanating from the network.
While I’m normally a bit sceptical when reading these kinds of numbers, this appears to have made a real difference. The amount of spam has decreased more than 50% for more than a day. The Distributed Checksum Clearinghouse (DCC) sees about half the spam it usually does:
Spamcop sees an even larger reduction:
Unfortunately, nobody expects the drop to last for more than a couple of days. The spam didn’t originate from this network; the only thing shut down was the control network that controlled between 1 and 1.5 million infected PC’s that sent the actual spam. A follow-up article at the Washington Post quotes Nilesh Bhandari from IronPort:
Bhandari said he expects the spam volume to recover to normal levels in about a week, as the spam operations that were previously hosted at McColo move to a new home.
“We’re seeing a slow recovery,” Bhandari. “We fully expect this to recover completely, and to go into the highest ever spam period during the upcoming holiday season.”
The same thing happened when Atrivo/Intercage was shut down. Spam levels returned to normal within a couple of days. Tracking down the control networks won’t stem the flood of spam sent every single day; stopping spam will require both technical solutions and better coordination with law enforcement to prosecute the people responsible for sending it.