Spam plummeted by two-thirds, in the wake of the plug being pulled on alleged cybercrime host McColo, according to news reports. But virtually no one thinks spam will continue at today's low level of merely 60 billion spam messages per day.
"I'm not under the illusion that it's going to last forever, but it's nice to have these small victories," said Paul Ferguson, an advanced threat researcher at software security company Trend Micro Inc. who contributed to the effort.According to Danny McPherson, vice president and chief security officer at Arbor Networks, the McColo scum will be back in business in short order.
"Everyone understands where they are for a while and then they move somewhere else. They just take their address space and announce it elsewhere and they're back in business. When that happens, they'll be right back at it. (SearchSecurity)
Look to Eastern Europe as the next base of operations, Adam O'Donnell writes at ZeroDay:
The shutdown has removed pieces of infrastructure critical for the operation of several spammers, but this does not mean they cannot adapt. We have seen that command and control servers can be eliminated by using distributed control algorithms, and storefronts can be hidden across compromised websites. The spammers may even regroup by recreating the services provided by McColo somewhere in Eastern Europe.
While many people would like to declare this event as the first step in the end to spam, I can pretty much guarantee you that it isn’t. Over the next few weeks, spammers will further decentralize their operation, turn the botnets back on, and restart their barrage.