• WEATHER ALERT Winter Weather Advisory

Massive San Jose spam operation shut down

November 12, 2008 7:46:59 PM PST
A major distributor of the world's spam email has been knocked off the internet. The company, called McColo, has been operating for years in Silicon Valley.

Security experts say McColo could account for 75 percent of the spam activity worldwide. Cybercrime trackers say they've been gathering information on this operation and sharing it with law enforcement for quite some time.

McColo Corporation claimed to be operating out of a Market Post tower in Downtown San Jose. There is a bank of servers at this address.

Paul Ferguson is one of the internet security investigators who helped bring down what he calls an "illegal spamming operation of enormous proportions."

"Anything that could possibly be an illegal, money-making, profit-making venture, these guys had their fingers in," said Ferguson.

A community of security experts says for at least two years McColo hosted the majority of cybercrime taking place over the internet including "child porn, regular porn, credit card theft, fraud," according to Ferguson.

Ferguson says McColo was alerted several times that it was hosting illegal activity and did nothing.

ABC7 Legal Analyst Dean Johnson says, "If these people knew they had child porn on their servers then potentially they could be liable."

Investigators Tuesday told McColo's two internet service providers about their client's activity. Both Global Crossing and Hurricane Electric out of Fremont pulled the plug on McColo's service.

Trend Micro says there was a 45-percent drop in spam activity overnight, which ultimately means fewer cybercrime victims.

"Not only is it annoying, but when it's taking your critical information and exploiting it, it's terrible so it's good to hear they've been caught," said Ted Fawcett of Menlo Park.

Law enforcement agencies aren't talking about any possible arrests but at least in the short term, it is a victory.

"We take them down for a few days and then they may end up some place else but at least for a while we celebrate the fact that they're offline," said Pamala Warren with McAfee Cybercrime Initiatives.

The security gurus tracking the illegal activity say they believe the operation has deep roots in Russia and Ukraine.

"All evidence points to an organized criminal operation operating out of Eastern Europe," added Ferguson.

Ferguson says he has no doubt the people behind the operation will revamp quickly because there are hundreds-of-millions of dollars at stake. He also admits that law enforcement is challenged by the international aspect of the case because Eastern European countries are not known for cooperating with the U.S.

McColo executives were not available for comment. The FBI and Attorney General's office declined to comment on the case.

Read the backstory: Spam hunters battle cybercrime


Load Comments