OK, actually, I don’t know Brian Krebs and I believe my current feeling is better described as appreciation mixed with admiration.
Brian Krebs writes the Security Fix blog for the Washington Post. On November 11, 2008 Brian’s post started like this:
A U.S. based Web hosting firm that security experts say was responsible for facilitating more than 75 percent of the junk e-mail blasted out each day globally has been knocked offline following reports from Security Fix on evidence gathered about suspicious activity emanating from the network.
For the past four months, Security Fix has been gathering data from the security industry about McColo Corp., a San Jose, Calif., based Web hosting service whose client list experts say includes some of the most disreputable cyber-criminal gangs in business today.
(Link: Major Source of Online Scams and Spams Knocked Offline)
The next post from Security Fix was titled "Spam Volumes Drop by Two-Thirds After Firm Goes Offline."
Whoa.
Reports from various sources show dramatically reduced spam levels after McColo was taken offline. Everyone expects spam levels to bounce back relatively soon, but it’s nice to see the bad guys hitting a speed bump.
My understanding is that the McColo servers were coordinating the spamming activity of zombies / botnets. [Computer savvy readers, please help your friends and family get their computers cleaned up and properly protected. And educate them about sources of malware.]
Check out these graphs from SpamCop showing spam levels in the week and month leading up to the McColo cutoff. Dramatic stuff:
I hate spam. I wish ISPs did more to help customers with zombie computers.
Additional info: A Closer Look at McColo