Washington Post Story Convinces Service Providers To Pull The Plug On Major Spam Enabler

from the but-where-do-they-go dept

Wed, Nov 12th 2008 12:48pm — Mike Masnick

We're seeing a bunch of folks pointing out that evidence collected by the Washington Post's computer security writer, Brian Krebs, is basically responsible for getting that company kicked off the internet. Krebs is a fantastic reporter, so I don't doubt the story -- but I'm always a little skeptical of stories claiming that a huge percentage of spammers have been knocked offline. We see such stories every few months, and it never seems to have any real impact on the amount of spam out there. Just last month there was a report claiming that the world's largest spam operation was shut down, but the actual amount of spam flowing across the network did not decrease.

This case is a little different, in that it didn't shut down the spammers themselves, but rather a hosting company that apparently many of the largest zombie botnets relied on. However, it seems quite likely that they'll find some other hosting company that will gladly take them on and everything will be up and running again. That's not to say it's bad that these guys get taken down -- but at some point people should realize this seems like a big game of whack-a-mole, and there may be better, more efficient ways to tackle the problem.

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: botnets, hosting, shut down, spam, spam ring
Companies: mccolo, washington post

20 Comments

If you liked this post, you may also be interested in...

Reader Comments

Subscribe: RSS

View by: Time | Thread

Dave Barnes, 12 Nov 2008 @ 12:51pm

Significant results so far
This http://www.spamcop.net/spamgraph.shtml?spamweek says it all.

A 75% drop in spam. Amazing.
[ link to this | view in chronology ]
Anonymous Coward, 12 Nov 2008 @ 1:05pm

Aha! So that's what happened... Wow.

I can definitely say this is the first time I've actually seen a difference, and what a big one it was. Today, I woke up to only one (1!) e-mail in my Spam folder, where I usually see 10 to 20. With that big a difference, I knew something had to be up.
[ link to this | view in chronology ]
Karl, 12 Nov 2008 @ 1:15pm

Traffic Drop
Picture, 1,000 words, blah blah blah.

http://www.dslreports.com/r0/download/1368730~af0d17d2c90ea0591df6b6f9fb98d636/spam.gif
[ link to this | view in chronology ]
PaulT (profile), 12 Nov 2008 @ 1:18pm

It's nice that security flaws are addressed by those people who are exposing them to the world - even without the spam problem, it's a good thing. However, there will only ever be one truly effective solution to the spam problem - get the idiots who are handing money over to the scammers to stop doing so. I fear there's too many morons out there for this to be realistic, sadly.
[ link to this | view in chronology ]
Anonymous Coward, 12 Nov 2008 @ 1:54pm

zombie botnets need brains
[ link to this | view in chronology ]
Anonymous Coward, 12 Nov 2008 @ 2:15pm

This is the second time
When the first of this sort was cut off, my spam dropped from 6000 to 4000 a day. Today it seems to have dropped another 25% to 3000. I am pleased.
[ link to this | view in chronology ]
- Earl, 12 Nov 2008 @ 3:26pm
  
  Re: This is the second time
  If I got that much spam every day I'd have stopped using email a long time ago.... Sorry to hear it. Hope it improves more still, for your sake.
  [ link to this | view in chronology ]
Danny (profile), 12 Nov 2008 @ 2:46pm

What are they?
Mike wrote: "there may be better, more efficient ways to tackle the problem"

Agreed this is whack-a-mole, but what are those better, more efficient ways? I can't think of anything practical that would work.
[ link to this | view in chronology ]
Danny (profile), 12 Nov 2008 @ 2:48pm

But for how long
I see posters above say spam is down today. OK, but for how long will it be down? Mike is right, these guys will find other ISPs before long.
[ link to this | view in chronology ]
bigjuliefromchicago, 12 Nov 2008 @ 3:11pm

better ways
"and there may be better, more efficient ways to tackle the problem."

such as....................?

personal data point: Canadian pharmacies seemed to disappeared of late.
[ link to this | view in chronology ]
Karl, 12 Nov 2008 @ 3:27pm

I find it interesting that NY AG Cuomo can spend months pretending that newsgroups are bastions of evil and getting ISPs to sign deals that have them do nothing differently..... yet a major crime syndicate host in business for years despite ample evidence from researchers just slips out of his grasp...
[ link to this | view in chronology ]
Difranco, 12 Nov 2008 @ 3:36pm

The Best Anti-Spam Solution
... was Blue Frog by Blue Security Inc. I wish someone else would develop something similar.
[ link to this | view in chronology ]
- Rich Kulawiec, 13 Nov 2008 @ 7:01am
  
  Re: The Best Anti-Spam Solution
  This is nonsense, of course, which is why the first people to condemn what the spammers at Blue Frog were doing were the world's most experienced anti-spammers.
  [ link to this | view in chronology ]
guy one, 12 Nov 2008 @ 4:44pm

Tank you Google! i see no spam in the inbox on either my gmail account or my Google apps account. The best spam filter out there.
[ link to this | view in chronology ]
Dalton, 12 Nov 2008 @ 8:23pm

Not just whack-a-mole
Going after the ISPs is actually very efficient. You predict that the criminals will "find some other hosting company that will gladly take them on", but when an ISP or host knows it might get kicked off the Internet for doing so it will be much more reluctant to do that.

The ISPs and hosts are certainly the most equipped party to monitor what is happening on their own networks, they just need the proper incentives to do it.
[ link to this | view in chronology ]
Svetlana Gladkova, 12 Nov 2008 @ 11:22pm

too bad they'll recover too soon
My major concern is about security experts now having tons more work to do to track the same spammers on other servers belonging to some other hosting company. It looks like with every situation like this they need to start afresh and I don't think that reducing the volume of spam for a day is really worth it.
[ link to this | view in chronology ]
Anonymous Coward, 13 Nov 2008 @ 1:06am

I'd have a different attitude toward this. In absence of a better and more efficient method (which nobody has suggested), I applaud this effort even if spammers will find a new host - at the very least this serves as a warning to potential host. It's very easy to say that there should be a better method without suggesting one.
[ link to this | view in chronology ]
eclecticdave (profile), 13 Nov 2008 @ 2:43am

Re: Not just whack-a-mole
> The ISPs and hosts are certainly the most equipped party to monitor what is happening on their own networks, they just need the proper incentives to do it.

Let's see ...

ISP's monitoring network data to prevent copyright infringment - bad.
ISP's monitoring network data to prevent spamming - good?

I fail to see how you can have it both ways.

While I hate spam as much as anyone else, ISPs should not be required to police their network to prevent illegal activity - not for any reason.
[ link to this | view in chronology ]
- Xanthir, FCD, 13 Nov 2008 @ 6:15am
  
  Re: Re: Not just whack-a-mole
  Let's see ...
  
  ISP's monitoring network data to prevent copyright infringment - bad.
  ISP's monitoring network data to prevent spamming - good?
  
  I fail to see how you can have it both ways.
  
  While I hate spam as much as anyone else, ISPs should not be required to police their network to prevent illegal activity - not for any reason.
  
  Well, it's actually quite simple. Copyright infringement is merely a legal issue to ISPs - there's no reason for them to care about it until people get lawyered up. Spam, on the other hand, is something with actual *effects* on them. If we could eliminate all spam in an instant, the effects on network congestion would be IMMENSE. Thus, ISPs have a good reason to police themselves and each other for spam - it's for their own survival.
  [ link to this | view in chronology ]
David, 13 Nov 2008 @ 12:42pm

Spam
Figures could well be true. There`s a hell of a lot less spam in my G-Mail spam box over the last few days.
[ link to this | view in chronology ]