A US Internet Service Provider (ISP), McColo was knocked offline on Tuesday after a research report alleged that the company aided cybercriminals in promoting spams, child pornography, and other online frauds.
Several Internet security researchers - who assumed ISP of hosting spamming and phishing activities and helping cybercriminals in distributing malware - were keeping a vigil eye over the ISP for past few years.
A number of security researchers purported that the spam rates declined by 40 and 75 percent as soon as the ISP went offline, indicating that a substantive portion of world’s spam was hosted by McColo.
Peering is a process, through which ISPs connect with each other to share internet traffic, and McColo shared traffic with Hurricane Electric, which disconnected with McColo on Tuesday by saying, “They're obviously doing bad things online and we don't want that on our network”.
Jart Armin, who has been investigating McColo, released a report quoting that the ISP was hosting command and control systems for a large number of botnets, including Dedler, Mega-D, Pushdo, Srizbi, and Rustock, with each of these controlling around an average of 600,000 slaved computers, to distribute junk emails on large scale.
The report further states, “Research and contribution has shown at least 40 confirmed CP websites, name servers, and CP payment systems recently served by McColo”.