Taking down malicious sites has been part of daily life for years now, and I still love every second of it. Primarily because it annoys the bad guys, but mostly because it means there's less malicious sites (for a second anyway) for people to get infected via.
During the years, there's been many changes in the responses from hosting companies and registrars. GoDaddy have become one of the best at take downs and cleanups, courtesy of my good friend William (GoDaddy abuse dept), DirectI are challenging FreeHostia for the title of "quickest to respond and action an abuse report" (record currently held by FreeHostia at an unbelievable 4 minutes!), responding to and actioning, an abuse report in under 6 minutes (GoDaddy are close to beating this too, depending on when the report is sent in).
Sadly however, something never change. .co.cc still don't appear to have put any measures in place to prevent bad guys misusing their services. Dot.tk still won't take down a malicious domain if the registrant has paid for the domain, NameCheap and eNom STILL seem to be willingly allowing malicious domains to be registered through them (evident by eNoms lack of response, and NameCheaps refusal to take action, regardless of the domain in question, on the basis they're "only the registrar").
The most hilarious however, is RapidSwitch, who I blogged about back in 2008, and a few more times since - still have me blocked, which prevents my sending abuse reports to them (or it would if I only had one e-mail address). Little hint RapidSwitch, blocking abuse reports does one thing and one thing only - guarantees you'll keep the title of crime-ware friendly, and continue to have your IP ranges blocked!, not sure your customers are going to be happy about that (I look forward to hearing the excuse you're going to give them).
I also noted, along with co.cc, another ccTLD registrar that's seemingly doing nothing to stop the rising number of hostnames being created via their service - ce.ms. Though, given it's run by cz.cc, this perhaps isn't very surprising. It is important to note of course, the issues here aren't caused by their offering the domains for free (evident by there being far more abuse on paid TLDs such as .com), it's caused both by their complete failure to put measures in place for prevention, and their seemingly allowing bulk/scripted registrations (a problem ALL registrars have).
In an effort not to bore you to death, I'm keeping this short, but look for further updates in the future regarding this.
Take downs and cleanups: The good, and the rest