I woke up to an empty e-mail inbox yesterday morning. None of the usual spam messages had arrived for more than eight hours. The last time I went for more than an hour without an e-mail message, about seven months ago, it was a mail server failure, and the missing e-mail wasn’t delivered until the business day got going around 9 a.m. This time, though, it was just that no messages had been sent to me for the entire night.
I asked around, and other people were also getting less than the usual volume of spam.
This e-mail silence is apparently the result of the arrest of Oleg Nikolaenko, who the FBI estimates was sending 32 percent of the world’s spam at one point last year. He did this using an outlaw program that security experts identify as Mega-D, which broke into millions of home computers just for the purpose of disguising the origin of e-mail messages. That, of course, is a crime, and if Nikolaenko is guilty and receives a sentence proportionate to the harm caused by his activities, he may never get out of jail. So far, however, he is charged only with a single offense that carries a maximum jail term of three years.
With Nikolaenko in custody, Mega-D is winding down, and it may take a few weeks before the criminal businesses that rely on spam for advertising make deals with other spam vendors. In the meantime, we may have a lighter volume of span for a few days.
The FBI caught up to Nikolaenko by following the money he was collecting. It started when they arrested one of his customers, who was a dealer selling counterfeit watches. After talking to a few more people, they had identified one of Nikolaenko’s e-mail accounts, and with that information, they were able to catch up to him on one of his flights into the United States. Any large-scale enterprise can, eventually, be traced this way, because the money to keep it going has to be coming from somewhere.