McColo: Bloodied but unbowed? Exploiting the security flaw in bandwidth reselling

HostExploit's supplement to „McColo – Cyber Crime USA? report describes and provides analysis of events where McColo briefly came back online for approximately 24 hours over the weekend of 15th – 16th of November 08. A four minute video of the temporary reconnection by McColo is available.

We have determined an “Achilles heel” in security procedures, where un-vetted bandwidth reselling for many of the carriers, allows cyber criminal groups to get under the radar. This is how they sneak into the Internet connectivity loop.

There is further information about the emerging routes of the spam and botnet C&C (command and control) as McColo?s successors, and its original mother ship. In addition there is a summary of people originally behind McColo.