New developments in spam

2008-11-14

in Economics, Geek stuff, Internet matters, Security

Remarkably, it seems that 70% of the world’s spam emails were originating from an American firm called McColo. On November 11th, two American internet service providers cut them off from the web, leading to the huge drop in the global volume of spam. It is estimated that 90% of spam messages are actually sent by computers that have been compromised by viruses, which makes it a bit surprising that such a drop could be generated by disconnecting one firm. Clearly, it is a network that needed central direction to operate. Those that emerge as successors will probably be more robust, located in more unpoliced jurisdictions, or both.

While the respite is likely to be temporary, the situation may reveal some useful information on the practice and economics of spam. This unrelated paper (PDF) examines the latter. The researchers infiltrated a segment of the Storm Botnet and monitored its activity and performance. On the basis of what they observed and estimates of the rest, they concluded that the botnet earned about 3.5 million dollars a year by selling pharmaceuticals. While that isn’t an inconsiderable sum, I suspect it is less than is being spent by companies combatting the flood of spam messages themselves.

Report a typo or inaccuracy

{ 17 comments… read them below or add one }

Hella Stella November 14, 2008 at 9:19 am

How fitting… Morty probably loves spam! (Although maybe not the kind you’re talking about…)

Litty November 14, 2008 at 9:26 am

What an adorable pooch!

Milan November 14, 2008 at 9:56 am

My photos of the day rarely have anything to do with the content of the posts, which are sometimes written as much as a week before they are published.

I generally feel comfortable when I have two days worth of posts lined up. When there are less, I need to hunt more actively for ideas.

. November 14, 2008 at 11:29 am
Emily November 14, 2008 at 2:23 pm

So adorable.. His bottom teeth are pretty comical.

R.K. November 14, 2008 at 2:28 pm

Would it be possible to use McColo’s computers to destroy the botnets?

Milan November 14, 2008 at 4:18 pm

That would be a neat trick. I have no idea if it would be possible.

As I understand it, McColo got cut off from the web by their ISPs. They were not raided by law enforcement, despite having apparent ties to child pornography, as well as spam.

. November 17, 2008 at 10:11 am

Most Spam Came from a Single Web Hosting Firm
By Bruce Schneier

Bhandari said he expects the spam volume to recover to normal levels in about a week, as the spam operations that were previously hosted at McColo move to a new home.

“We’re seeing a slow recovery,” Bhandari. “We fully expect this to recover completely, and to go into the highest ever spam period during the upcoming holiday season.”

. November 17, 2008 at 10:35 am

Even as consumers are cutting back on all sorts of goods, Spam is among a select group of thrifty grocery items that are selling steadily.

Spam holds a special place in America’s culinary history, both as a source of humor and of cheap protein during hard times.

Invented during the Great Depression by Jay Hormel, the son of the company’s founder, Spam is a combination of ham, pork, sugar, salt, water, potato starch and a “hint” of sodium nitrate “to help Spam keep its gorgeous pink color,” according to Hormel’s Web site for the product.

. November 17, 2008 at 9:19 pm

McColo Takedown, Vigilantes Or Neighborhood Watch?

“Few tears were shed when alleged spam and malware purveyor McColo was suddenly taken offline last Tuesday by its upstream service providers. But behind the scenes of the McColo case and another recent takedown of Intercage, a ferocious struggle is taking place between the purveyors of Web-based malware and loosely aligned but highly committed groups of security researchers who are out to neutralize them. Backers claim that the effort to shut down miscreant ISPs is needed because of the inability of law enforcement agencies to deal with a problem that is global in nature. But some question whether there is a hint of vigilantism behind the takedowns — even as they acknowledge that there may not be any other viable options for dealing with the problem at this point.”

Milan November 17, 2008 at 10:41 pm

Here is a shot of Morty back in June.

It will be interesting to contrast both of these with one when he is fully grown.

. November 18, 2008 at 7:18 pm

McColo Briefly Returns, Hands Off Botnet Control

On Saturday the malware network briefly returned to life in order to hand over command and control channels to a Russian network.

“The rogue network provider regained connectivity for about 12 hours on Saturday by making use of a backup arrangement it had with Swedish internet service provider TeliaSonera. During that time, McColo was observed pushing as much as 15MB of data per second to servers located in Russia, according to… Trend Micro. The brief resurrection allowed miscreants who rely on McColo to update a portion of the massive botnets they use to push spam and malware. Researchers from FireEye saw PCs infected by the Rustock botnet being updated so they’d report to a new server located at abilena.podolsk-mo.ru for instructions. That means the sharp drop in spam levels reported immediately after McColo’s demise isn’t likely to last.”

Milan December 5, 2008 at 5:39 pm
Milan December 8, 2008 at 11:53 am

So adorable.. His bottom teeth are pretty comical.

The technical term for the bulldog underbite is ‘mandibular prognathism.’

And, yes, it is adorable.

Jenn April 2, 2009 at 10:22 am

Ha, thanks for linking me to this! I can’t wait to get one, but unfortunately I will have to until I buy a place of my own (hopefully by fall!).

Milan April 2, 2009 at 10:31 am

For the benefit of any perplexed readers, I should explain that Jenn is talking about the bulldog, not the contents of this post.

Bulldogs are certainly very entertaining creatures, though I wouldn’t want all the responsibilities associated with having one.

. August 31, 2010 at 3:44 pm

“I get about 200 spam e-mails a day. The senders go to extraordinary lengths to get my attention—they torture the English language, they offer me great discounts on life insurance and exotic pharmaceuticals, they promise to make my wife a very happy woman—but it’s all for naught. Over the last few years Gmail, like other e-mail services, has become very good at spotting spam. It catches just about every junk message before it hits my inbox; the messages are rerouted to my spam folder, which I almost never open (and when I do open it, I almost never notice legitimate messages marked as spam). In other words, spam—which was once the great boogeyman of the Internet, a scourge that was often predicted to bring down e-mail entirely—is no longer a problem for me. When I polled my colleagues at Slate recently, many reported a similar situation. They don’t spend much time dealing with junk mail. I bet you don’t either.

Slate’s late sister publication The Big Money noticed spam’s disappearance last fall—”Surprise! We Won the War on Spam,” it declared—but the shift has been relatively unremarked upon by the tech industry. Google, Yahoo, Microsoft, and other companies haven’t held any celebrations to herald the end of spam. Why not? Despite the death of spam, e-mail hasn’t gotten much easier to deal with. That’s because our inboxes are inundated with legitimate mail.

Not only do we get ever more mail from our colleagues, friends, and family, we also get all kinds of annoying messages that aren’t technically spam. In your inbox right now, you’re likely to find friend requests from people on LinkedIn or Facebook, CNN alerts about breaking news, and a message from someone in your office letting you know there’s cake in the kitchen, followed by several responses letting you know that the cake is gone. In the deli-influenced parlance of e-mail management, these legitimate but not urgent messages have been labeled “bacn” and “bologna”—they’re better than spam, but they’re not the real deal. And until now, they’ve been a pain to deal with.”

Leave a Comment

You can use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

Previous post:

Next post: