Brian Krebs at the Washington Post reports,
A U.S. based Web hosting firm that security experts say was responsible for facilitating more than 75 percent of the junk e-mail blasted out each day globally has been knocked offline following reports from Security Fix on evidence gathered about criminal activity emanating from the network.
1) Major Source of Online Scams and Spams Knocked Offline
2) Host of Internet Spam Groups is Cut Off
“This story was updated from an earlier version to clarify McColo’s role in hosting of suspicious sites.”
Certifiedbug,
Spamcop stats, week.
I doubt that is a coincidence, more later.
Edit: Spamcop, 24 hours.
CIDR Report for AS26780
Global Crossing still shows a listing.
“26780 MCCOLO – McColo Corporation
Adjacency: 1 Upstream: 1 Downstream: 0
Upstream Adjacent AS list
AS3549 GBLX Global Crossing Ltd.”
FireEye Malware Intelligence Lab, 2008.10.26.
If you look back in our articles, you’ll see a fairly deep connection between Malware, Botnets, and McColo. With the shutdown of Atrivo, McColo seems to be the frontrunner for Botnet/Malware hosting -
