Worldwide spam is thought to have dropped by as much as 75 percent after US ISP McColo was cut off from the internet because it was thought to have aided cybercriminals in online scams and hosted child pornography.

Computer security analysts have been monitoring the ISP, which is one of a handful of so-called 'bulletproof' hosting providers that provide safe haven online for cybercriminals selling Viagra and fake security software, for years.

ISPs can connect with each other to exchange internet traffic, a practice known as 'peering'. Hurricane Electric, an ISP that carried a portion of McColo's traffic, disconnected with McColo earlier this week. Global Crossing, an Internet Protocol (IP) network services provider also connected to McColo would not comment.

Spam messages

"All I can tell is we communicate and comply fully with legal authorities, but we do not comment on individual customers and individual incidents," said Richard Larris, senior manager for media relations at Global Crossing.

Analysts are predicting a drop in spam activity - between 30 and 80 percent, according to various reports - while McColo is offline.

The shutdown coincides with a damming new report by several computer security researchers who detail how McColo and other questionable service providers are linked to spam and cybercrime.

McColo's shutdown "demonstrates that when presented with appropriate evidence of criminal activity, the internet community can bring about the positive forces necessary to purge it," the analysts said.

McColo, whose servers were located within the US, at one time hosted up to 40 websites with child pornography, the report said.

McColo also played a big role in spam distribution, said Richard Cox, CIO of Spamhaus, which tracks spamming operations. It hosted websites that could infect people's computers with malicious software used for sending spam, he said.

Hacked computers then become part of a botnet, or networks of PCs that can be used to send spam or attack other websites.

McColo hosted the so-called command-and-control servers for botnets that are used to instruct PCs to send spam. The botnets included Rustock, Srizbi, Pushdo/Cutwail, Ozdok/Mega-D and Gheg, according to the report.

When it received complaints, McColo would shift around the suspect websites on its network and try to erase traces of wrongdoing, Cox said.

"Essentially, a lot of these providers know what their customers are doing and try to protect them," Cox said.

NEXT PAGE: Spam likely to decrease since McColo's access has been cut