| View previous topic :: View next topic |
| Author |
Message |
PalinPounder
Guest
|
 Posted: Thu Nov 13, 2008 1:49 pm Post subject: Good News: SPAM Traffickers Booted Offline! Bad News: You |
 |
|
Let's hope www.xhamster.com survives the shakeout!
----------------
"Web Host of Groups That Traffic Spam Kicked Offline"
By Brian Krebs
washingtonpost.com Staff Writer
Thursday, November 13, 2008; D01
The volume of junk e-mail sent worldwide may have dropped drastically
yesterday after a Web-hosting firm, identified by many in the computer
security community as a major host of organizations engaged in spam
activity, was taken offline.
McColo, a San Jose Web-hosting company that, according to computer
security experts, serves as a U.S. staging ground for international
firms that sell a variety of items, including counterfeit
pharmaceuticals and child pornography, ceased operations after two
Internet providers blocked Web access.
SecureWorks, an Atlanta security-services provider, estimates that
McColo was responsible for 75 percent of all spam sent in the United
States each day.
Global Crossing, a Bermuda company with U.S. operations in New Jersey
and one of the two companies that provided Internet access to McColo,
would not say why it cut off the company, but said Global Crossing's
policy prohibits "malicious activity."
Benny Ng, director of marketing for Hurricane Electric, a Fremont,
Calif., company that served as McColo's other Internet provider, said
it decided to block the host firm after reading about allegations
against McColo.
"We shut them down," Ng said. "We looked into it a bit, saw the size
and scope of the problem . . . Within the hour, we had terminated all
of our connections to them."
McColo officials did not respond to several e-mails, phone calls and
instant messages.
Paul Ferguson, a threat researcher with computer security firm Trend
Micro, said that despite the actions by McColo's Internet providers,
U.S. authorities should have been looking into the company and its
customers for a long time.
"There is damning evidence that this activity has been going on there
for way too long, and plenty of people in the security community have
gone out of their way to raise awareness about this network," Ferguson
said. "It's a statement on the inefficiencies of trying to pursue
legal prosecution of these guys that it takes so long for anything to
be done about it."
It is unclear the extent to which McColo could be held responsible for
the activities of the clients for whom it provides hosting services.
It is also unclear what, if any action U.S. law enforcement has taken
regarding McColo. A spokesman for the FBI, which investigates cyber
crimes, declined to comment.
Mark Rasch, a former cyber-crime prosecutor for the Justice Department
and managing director of FTI Consulting in Washington, said Web-
hosting providers generally are not liable for illegal activity
carried out on their networks except in cases involving copyright
violations and child pornography.
In 2001, BuffNET, a large regional service provider in Buffalo,
pleaded guilty to knowingly providing access to child pornography
because the company failed to remove the Web pages after being alerted
to the material.
"It's a little bit like a landlord who owns a building and sees people
coming in and out of the apartment complex constantly at all hours,"
Rasch said. "There are certain things that raise red flags, such as
the nature, volume, source and destination of the Internet traffic,
that can and should raise red flags."
A number of security researchers have published reports over the past
year alleging that McColo hosts the top "botnets," or vast collections
of hacked computers networked together, to blast out spam or attack
others online.
Joe Stewart, director of malware research for SecureWorks, said
botnets such as "Mega-D" or "Srizbi," which are known to send e-mails
about access to prescription drugs, have had their master servers
hosted at McColo.
Although security experts who have been seeking to stop McColo from
allegedly hosting questionable sites are pleased to see the company
lose its access, some are worried that it will only make it harder to
track illegal activity.
"Everything will just be more spread out and harder to mitigate,"
Stewart said. "We rather like knowing where the bad activity is coming
from, so protecting our networks is easier."
http://www.washingtonpost.com/wp-dyn/content/article/2008/11/12/AR2008111202662.html |
|
| |
|
 Back to top |
Kyle Schwitters
Guest
|
| Posted: Thu Nov 13, 2008 6:26 pm Post subject: Re: Good News: SPAM Traffickers Booted Offline! Bad News: Yo |
|
|
Whew!
www.xhamster.com is still up ... |
|
| |
|
| Back to top |
nicenips
Guest
|
| Posted: Wed Nov 19, 2008 4:54 pm Post subject: Re: Good News: SPAM Traffickers Booted Offline! Bad News: Yo |
|
|
"Answers Trickle Out as Spammer Networks Remain Compromise"d
By Brian Krebs
washingtonpost.com Staff Writer
Wednesday, November 19, 2008; D02
At about 4:30 p.m. Eastern time last Tuesday, the volume of junk e-
mail arriving at inboxes around the world suddenly plummeted by about
65 percent. Confronted with information that one Silicon Valley
computer firm was hosting organizations that controlled the
distribution of much of the world's spam, Internet service providers
pulled the plug and McColo Corp., the hosting firm, went dark.
By most accounts, the volume of spam has remained at far diminished
levels, though experts say they expect spam to soon bounce back, or
even exceed previous levels. But the question remains: How could such
a massive concentration of spam activity be hosted for so long by
servers at a single U.S.-based facility, in the belly of the security
and tech community in Silicon Valley?
The answer exemplifies how complex the battle against spam has become.
Like other hosting firms, McColo -- which has not been charged with
any crime -- assigns certain Internet addresses for its clients'
computers to use. But spam often does not come directly from those
computers, according to security experts who have documented the
activity. Rather, firms such as McColo host a number of key Internet
servers -- computers that control networks of computers. Those
networks are used by their respective owners to turn hundreds of
thousands of compromised PCs into spam distributors, the experts said.
According to security service providers including the Atlanta-based
SecureWorks, some of the largest collections of hacked PCs, known as
robot networks or "botnets," may have had their master control servers
hosted at McColo. McColo officials did not respond to requests for
comment.
Botnets typically are rented out to junk e-mail purveyors. The
spammers then sign in remotely to control servers and use them to send
billions of e-mails a day, touting everything from knock-off
pharmaceuticals and designer goods to pornography and get-rich-quick
scams.
But when McColo was taken offline by its Internet providers, so too
were all of the botnet control servers located there, security experts
said.
Joe Stewart, director of malware research for SecureWorks, said some
botnets might remain disconnected. The three largest spam botnets on
the Internet appear to be stranded and unable to contact more than a
small number of their control servers, according to Marshal, a
computer security firm in the United Kingdom that tracks bot activity.
The shutting down of McColo may have also slowed one of the most
aggressive e-mail-address harvesting services, anti-spam groups said.
Matthew Prince, chief executive of Unspam Technologies and founder of
Project Honey Pot, a collaborative effort that gathers intelligence
about the world's largest spam networks, said that since June 2006,
crawler bots hosted at McColo were responsible for more than 30
million spam messages sent to the project's e-mail traps.
"And our spam traps constitute a tiny fraction of the e-mail addresses
in the world," Prince said. Since McColo shut down, Prince said, the
project has seen a 20 percent drop in the volume of the messages
received at its spam-trap e-mail addresses.
It is not clear what, if anything, federal law enforcement can do
about McColo hosting spammers, or whether anyone at the company has
committed any crime. A spokesman for the FBI declined to comment, as
did the Secret Service.
On Saturday, McColo briefly reconnected its Web servers to a major
Internet provider in Europe. Under pressure from the security
community, the provider severed its relationship with McColo the next
day. But that, said officials with computer security company Fireeye,
may have been enough time for spammers to reclaim control of 10,000 to
15,000 of an estimated 100,000 computers infected with malicious
software.
http://www.washingtonpost.com/wp-dyn/content/article/2008/11/18/AR2008111801120.html |
|
| |
|
| Back to top |
zzbunker@netscape.net
Guest
|
| Posted: Sun Nov 23, 2008 3:59 am Post subject: Re: Good News: SPAM Traffickers Booted Offline! Bad News: Yo |
|
|
On Nov 13, 8:49 am, PalinPounder <perryneh...@hotmail.com> wrote:
| Quote: | Let's hopewww.xhamster.comsurvives the shakeout!
----------------
"Web Host of Groups That Traffic Spam Kicked Offline"
By Brian Krebs
washingtonpost.com Staff Writer
Thursday, November 13, 2008; D01
The volume of junk e-mail sent worldwide may have dropped drastically
yesterday after a Web-hosting firm, identified by many in the computer
security community as a major host of organizations engaged in spam
activity, was taken offline.
McColo, a San Jose Web-hosting company that, according to computer
security experts, serves as a U.S. staging ground for international
firms that sell a variety of items, including counterfeit
pharmaceuticals and child pornography, ceased operations after two
Internet providers blocked Web access.
SecureWorks, an Atlanta security-services provider, estimates that
McColo was responsible for 75 percent of all spam sent in the United
States each day.
Global Crossing, a Bermuda company with U.S. operations in New Jersey
and one of the two companies that provided Internet access to McColo,
would not say why it cut off the company, but said Global Crossing's
policy prohibits "malicious activity."
Benny Ng, director of marketing for Hurricane Electric, a Fremont,
Calif., company that served as McColo's other Internet provider, said
it decided to block the host firm after reading about allegations
against McColo.
"We shut them down," Ng said. "We looked into it a bit, saw the size
and scope of the problem . . . Within the hour, we had terminated all
of our connections to them."
McColo officials did not respond to several e-mails, phone calls and
instant messages.
Paul Ferguson, a threat researcher with computer security firm Trend
Micro, said that despite the actions by McColo's Internet providers,
U.S. authorities should have been looking into the company and its
customers for a long time.
"There is damning evidence that this activity has been going on there
for way too long, and plenty of people in the security community have
gone out of their way to raise awareness about this network," Ferguson
said. "It's a statement on the inefficiencies of trying to pursue
legal prosecution of these guys that it takes so long for anything to
be done about it."
It is unclear the extent to which McColo could be held responsible for
the activities of the clients for whom it provides hosting services.
It is also unclear what, if any action U.S. law enforcement has taken
regarding McColo. A spokesman for the FBI, which investigates cyber
crimes, declined to comment.
Mark Rasch, a former cyber-crime prosecutor for the Justice Department
and managing director of FTI Consulting in Washington, said Web-
hosting providers generally are not liable for illegal activity
carried out on their networks except in cases involving copyright
violations and child pornography.
In 2001, BuffNET, a large regional service provider in Buffalo,
pleaded guilty to knowingly providing access to child pornography
because the company failed to remove the Web pages after being alerted
to the material.
"It's a little bit like a landlord who owns a building and sees people
coming in and out of the apartment complex constantly at all hours,"
Rasch said. "There are certain things that raise red flags, such as
the nature, volume, source and destination of the Internet traffic,
that can and should raise red flags."
A number of security researchers have published reports over the past
year alleging that McColo hosts the top "botnets," or vast collections
of hacked computers networked together, to blast out spam or attack
others online.
Joe Stewart, director of malware research for SecureWorks, said
botnets such as "Mega-D" or "Srizbi," which are known to send e-mails
about access to prescription drugs, have had their master servers
hosted at McColo.
Although security experts who have been seeking to stop McColo from
allegedly hosting questionable sites are pleased to see the company
lose its access, some are worried that it will only make it harder to
track illegal activity.
"Everything will just be more spread out and harder to mitigate,"
Stewart said. "We rather like knowing where the bad activity is coming
from, so protecting our networks is easier."
|
Of course it will be. Since nothing will ever stop Spam. Since it
has nothing
to do with computer security. It's strictly another media prefab,
just like the Bealtes.
So, the only other option is a network without Hollywood wanks.
> http://www.washingtonpost.com/wp-dyn/content/article/2008/11/12/AR200... |
|
| |
|
| Back to top |
|
