Spam drops 15 percent after FTC Pricewert takedown
The U.S. Federal Trade Commission's recent takedown of an Internet service provider thought to be a safe haven for spammers has reduced spam volumes, but only by a little.
According to e-mail security vendor Marshal8e6, total spam volume dropped by about 15 percent last week, as the FTC got a court order to pull the plug on a notorious ISP named Pricewert. "We noticed quite a drop-off mid to late last week," said Phil Hay, a threat analyst with Marshal8e6. "Things got pretty quiet compared to what we'd been seeing."
Pricewert, which also did business under the name 3FN, was knocked off-line after the companies that provided it access to the Internet stopped doing business with it. This happened after the FTC was granted a temporary restraining order Tuesday in the U.S. District Court for the Northern District of California.
According to the FTC, Pricewert was home to a host of illegal activity including the distribution of viruses, phishing, spyware and child pornography. In a statement, the FTC said Pricewert "actively shielded its criminal clientele by either ignoring take-down requests issued by the on-line security community, or shifting its criminal elements to other Internet protocol addresses it controlled to evade detection."
The ISP has said that the alleged criminal activity on its network was the result of bad customers and not its fault.
Pricewert lists its principal place of business as Belize City, Belize, but it operated out of a DataPipe data center in San Jose, California, the FTC said.
Pricewert was thought to be home to several servers used to control computers infected with the Cutwail Trojan program (also known as Pushdo). Criminals had been using these infected machines to pump out spam messages, and right before the takedown the ISP was responsible for about 30 percent of the spam tracked by Marshal8e6.
Last November, spam levels dropped close to 50 percent after notorious ISP McColo was taken off-line by its upstream providers, and it took months for spam levels to rebound to the same volume.
However, the results from the Pricewert takedown were not as dramatic.
According to data from Cisco Systems, spam levels dropped about 30 percent at the end of last week but rebounded to normal levels on Sunday and Monday.
Security experts say that following the dramatic McColo incident, spammers may have put better backup systems in place to maintain control of their botnets of hacked computers. "Obviously, this was not a McColo. They were ready for the takedown," said Richard Cox, chief information officer with Spamhaus, an anti-spam group. "We've seen the backups pop up and have to get taken down and so on."
IDG News Service
Sign up for ITworld's Daily newsletter
Follow ITworld on Twitter @IT_world
On Twitter now
isp
Powered by Twitter
jfruh
Apple syncing patent can't come soon enough
pasmith
New Twitter features borrow from 3rd party clients
Esther Schindler
Open Source Changes the Software Acquisition Process
mikelgan
How to set up continuous podcast play on the new iTunes
David Strom
Five important Windows 7 mobility features
sjvn
Guard your Wi-Fi for your own sake
Sandra Henry-Stocker
Grepping on Whole Words
Sidekick: The Good News & the Bad News
Either way you look at it Microsoft Data Center management did not follow standards or best practices in this failure. In which case it makes me wonder more about the outsourcing of corporate data much less personal data.
- mburton325
Join the conversation here
Quick, practical advice for IT pros. Made fresh daily.
Want to cash in on your IT savvy? Send your tip to tips@itworld.com. If we post it, we'll send you a $25 Amazon e-gift card.
