Six weeks ago, at the end of September, a loose organization of security researchers and network professionals announced that their collective efforts to fight badware had finally borne fruit. After years of complaints and shady dealings, the rogue ISP Atrivo was finally forced offline when the company’s last remaining uplink provider severed its business relationship with the beleaguered baddie.
Later in October, the FTC announced that it had won a major injunction against the international spam operation HerbalKing.
Now, on the relative heels of these announcements, comes news of a third major takedown. As of yesterday, the rogue ISP McColo has been taken offline, hopefully for good.
McColo’s website is down, and has been that way since at least Tuesday afternoon. Security Fix, meanwhile, is holding back most of the details of its investigation, presumably pursuant to the Washington Post publishing its own story. One fun tidbit of information the blog has deigned to release is that McColo had its hands in more than just a sticky, spammy pie. The company’s elite clientele included distributors of child pornography, commercial websites to allow purchase and delivery of the same, plus the usual group of thieves, fraudsters, and generally bad people.
No one expects the dip in overall spam traffic to be anything more than temporary, whether McColo itself comes back online or not, and the size of the drop in spam levels following an ISP takedown may ultimately prove to be a poor metric when evaluating the effectiveness of a successful white hat campaign.
Every little step towards shutting down criminals and sleaze – since the marketplace has little or no effect – is worthwhile.