We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,259 News Articles

500,000 'bot' PCs rescued as 'Spam' ISP taken offline

Crippled McColo accused of hosting global botnets

A huge botnet consisting of 500,000 compromised PCs was crippled when US-based 'spam ISP' McColo was taken offline last week, according to Joe Stewart, director of malware research at SecureWorks.

McColo, which was thought to host a number of hacking and child pornography sites, was cut off from the internet last week by its upstream providers after an investigation by computer security analysts and the Washington Post.

That means the PCs that formed the botnets can no longer receive instructions, according to Stewart, and are therefore no longer accessible by criminals.

Stewart said "half a million bots are either offline or not communicating" with their command-and-control servers. Those PCs were previously responsible for as much as 75 percent of worldwide spam, according to reports, with a record number of bots being severed from their controllers.

At least two major botnets were crippled when McColo was taken offline. One - called Srizbi - was said to include a network of 315,000 bots worldwide in April. The other - Rustock - controlled 150,000 PCs.

Rustock's bots may be never be recovered, Stewart said. However, the Srizbi botnet may still come back online. "When Srizbi bots can't connect, as a backup they're coded to try other domain names," he said.

See Security Advisor for more PC security news, reviews and tutorials

IDG UK Sites

Samsung Galaxy S6 review: Hands-on with the new Samsung Galaxy. Samsung's flagship is more iPhone-lr......

IDG UK Sites

Samsung: King of the Androids (or MWC, at least)

IDG UK Sites

HP Z1 G2 review

IDG UK Sites

What does that mean? A jargon-buster dictionary of tech terms for Apple fans