Eleven: Spam Onslaught Recovers From McColo Shutdown

Spam levels quickly rally, return to pre-shutdown levels

February 12, 2009

3 Min Read


Berlin, 10 February 2009 " In the first week of February 2009 average volumes of spam returned to levels recorded prior to the shutdown of Californian spam-host McColo on 11 November 2008. These findings were reported by leading German e-mail experts eleven. eleven had noted a marked increase in the volume of viruses, peaking in December 2008, when e-mail viruses sometimes constituted as much as ten percent of total e-mail traffic. This increase was primarily caused by the emergence of new botnets, which were set up to replace the spammer's defunct infrastructure. Between 11 and 12 November 2008 the worldwide spam volume dropped more than 60 percent, after several ISPs cut off the host's internet connection. McColo were responsible for the operation of some of the major botnets, and thus for an estimated 75 percent of spam volume worldwide. After the shutdown, spam volumes initially remained at this considerably reduced level before gradually escalating again in December 2008. By the second half of January 2009, eleven was registering peaks in volume similar to those witnessed prior to the start of November 2008 McColo shutdown. Volume of emails containing viruses as high as 10 percent The spam hosters spent November and December primarily rebuilding their infrastructure. As part of the rebuilding process large waves of trojans were sent out to infect private and company computers and attach them to a botnet. On some days up to ten percent of the daily e-mail volume contained such viruses. The e-mails were disguised, for example as requests for payment, dispatch notifications or other important communications. They contained either a viral attachment or a link to a website, which when opened infected the user with a virus. The ongoing surge in the volume of spam since the start of December 2008 demonstrates the success of the spammer's strategy. They have already replaced a large part of the botnet structures. "Spammers have learnt from McColo shutdown" "The speed with which the spam host has rebuilt their infrastructure demonstrates how flexibly they can react to adverse conditions," said Robert Rothe, eleven founder and CEO. "But above all, they've learnt from this experience: the new botnets are organised in a much more decentralised way and are designed with more redundancy. In the future it will take more than just the shutdown of a single host to impede the bulk of the worldwide spam." (approx. 420 words / approx. 2610 characters) eleven " e-mail security made in Germany eleven is Germany's leading e-mail security provider. eXpurgate is the world's only spam filter and e-mail categorisation service that offers reliable protection against spam and phishing mails, recognises potentially dangerous e-mails and differentiates between individual mails and any kind of bulk mail. What's more, eXpurgate also offers a powerful e-mail firewall and a comprehensive range of options for protecting against viruses. More than 30,000 businesses of all sizes use the eXpurgate service. eXpurgate checks and categorises up to 1 billion e-mails every day. Alongside internet service providers such as T-Online, O2, Vodafone and freenet, eleven's client base includes many well-known companies and public institutions such as Air Berlin, the Association of German Banks, DATEV, the Free University of Berlin, Landesbank Berlin, Mazda, RTL and Tobit Software AG. Further information can be found at http://www.eleven.de. Press contact eleven GmbH Sascha Krieger Hardenbergplatz 2

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights