RBN - McColo R.I.P.
‘Alas poor McColo I knew them well’ - so does anyone on the planet who receives email / spam.
As a result of the first hostexploit cyber crime USA report which focused on Atrivo / Intercage and subsequent community actions, there was a quantitative drop of 10% of spam and malware worldwide. While temporary, it does clearly demonstrate that with a concerted and consistent effort by concerned commercial Internet network operators, a safer Internet can ensue.
Following Hurricane Electric's awareness of the report's content, at approximately 4:30pm EST 11/11/08 Hurricane Electric pulled the plug. Just to check on this see the chart from SpamCop below. Yes a huge drop in spam as just one example!
Of course not over yet -
fraudcrew.com on IP 126.96.36.199 = 193.64-62-171.reverse.mccolo.com =
net 188.8.131.52/18 =
AS6939 HURRICANE Electric. Our favorite ‘CoolWebSearch hijackers’ are still online.
Also as we see on the CIDR report AS26780 MCCOLO - McColo Corporation is still peered by AS3549 GBLX Global Crossing Ltd.
However, we can assume Hurricane Electric will get around to this 184.108.40.206/18 net block and GBLX is also acting in unison.
Again this is an excellent example of a growing community effort, involving a wide cross section of anti-spammers, malware and botnet researchers, journalists, and Internet network operators. When considering the ongoing war for the heart and soul of the Internet; “Not the end not the beginning of the end, but the end of the beginning”?