Why Yahoo! e-mail may be worth using again, non-Jerry Yang edition:
Security researchers, anti-spam groups and the whole security community in general were taken by surprise yesterday when reports of a sudden drop in junk mail activity started flowing in. This was the result of ISPs depeering McColo Corp., a U.S. based company offering web hosting services to many international cybercrime organizations.
First, there was the gathering of evidence:
McColo Corp. is based in San Jose, California and offers web hosting solutions. Nothing bad so far, but according to many reports and an important amount of evidence, a large number of their clients are shady at best. Security experts estimate that the spam generated by the illegal activities hosted by McColo amounts for a whooping 75% of the junk mail sent everyday on a global level.
Then it was presented to the companies that could do something about it.
Brian Krebs, reputable journalist at The Washington Post, informed on the Security Fix blog that he was involved with forwarding evidence of the criminal activity to Global Crossing and Hurricane Electric, McColo’s two major Internet service providers. “For the past four months, Security Fix has been gathering data from the security industry about McColo Corp. […] On Monday, Security Fix contacted the Internet providers that manage more than 90 percent of the company’s connection to the larger Internet, sending them information about badness at McColo as documented by the security industry,” he writes.
Then it was left to two companies to examine the evidence. Compare and contrast:
According to Krebs, while the response from Global Crossing was rather evasive, Hurricane Electric was a lot more responsive to the abuse report and even quick to act about it. “We looked into it a bit, saw the size and scope of the problem you were reporting and said ‘Holy cow! Within the hour we had terminated all of our connections to them,” Benny Ng, the Freemont-based ISP’s Director of Marketing, told Krebs.