Wednesday December 3, 2008 12:49 AM AEST
Vulnerability Alerts
SANS
 
Microsoft
 
CERT/CC
 
 
Latest Comments
"I feel it with you guys. These irritating interruptions on privacy MUST be stopped. It is a ..."
on Yahoo and Microsoft take aim at lottery scams
by Jan Wilmans | Dec 2, 2008 7:11 PM
 
"My AVG WILL NOT UPDATE"
on AVG update deletes critical Windows file
by James Downs | Dec 2, 2008 5:58 AM
 
"Concerned man's comments seem to intimate that if I'm using agents all will be well but the ..."
on Shavlik Technologies to broaden its patch management offerings
by Werner K | Nov 26, 2008 8:36 PM
 
"That will enhance Microsoft Office system, including SharePoint - good platform for enterprise ..."
on Companies have security to consider with in-the-cloud Office
by SGE | Nov 25, 2008 3:29 PM
 
"how many users allow per session? because the digital persona password manager allows only 10 ..."
on DigitalPersona Pro Workstation/Pro Server
by Daniel | Nov 25, 2008 12:14 AM
Web

Russian Business Network disappears again

  • Email a Friend
  • Print Page
Related Articles
By Frank Washkush Jr
Nov 14, 2007 9:58 AM
Tags: "Russian | Business | Network" | "RBN | moves | to | China" | "cybercrime" | "IT | security" | "russisan | botnet" | "russian | crime"
Matthew Richard, director of the Rapid Response Team at VeriSign iDefense, told SCMagazineUS.com today that the RBN disappeared from its Chinese base last Thursday, two days after disappearing from the web.

RBN first became unreachable last Thursday. However, the internet service provider has used such a maneuver before to claim a network was in Panama, said Richard.

“It is unlikely that RBN voluntarily disabled its network. We know that on [Wednesday evening] it had customers using the network. Since its customers rely on the network being available, RBN would stand to lose money and customers by voluntarily shutting down the network,” he said. “It is also possible that its upstream provider caught on to the new network and shut it down quickly. At this point nobody knows with any certainty what caused the network shutdown.”

The RBN was reported to have relocated to China or Taiwan last week, buying seven net blocks of Chinese IP addresses, according to published reports. Experts said at the time that the situation was changing hourly.

The former St. Petersburg-based ISP closed up shop last Wednesday after its last upstream bandwidth provider cut ties with the company following numerous media reports detailing its alleged shady dealings.

The company is known in cybercriminal circles as a bulletproof hosting provider, meaning it has a no-questions-asked policy when it comes to hosting its 4,000 IP addresses, which have been used in a bevy of malicious attacks, from spam to phishing to IFRAMEs.

A RBN representative could not be reached for comment.

Richard Cox, chief information officer of the anti-spam nonprofit Spamhaus, told SCMagazineUS.com today that the relocation to China was likely a ruse to disguise the RBN's next move.

“We don't think that they were ever in China. This was a deliberate smokescreen put up to [hide the group's tactics],” he said. “They are certainly difficult to predict, and it's almost too dangerous to make a prediction in public because they almost always do the exact opposite.”

See original article on SC Magazine US

Secure Computing Magazine

 
Ads by Google
Thoughts on this article? Add a comment below.
Be the first to comment on this article.

Report this comment as offensive:

   * Indicates information we require to process your submission.

Name: *
Email: *
Reason for offense: *
Your report will not be displayed.  
Name:
*
 
Email:
(will not be displayed)
*
 
Comment:
(HTML not permitted)
*
 
Validation
*

Enter the code you see below:

 

 
 
 
 
 
Tripwire - Click here to win an iTouch
 
 
Vulnerabilities & Exploits Whitepapers
 
Popular Tags
botnet business christmas crime cybercrime digital firms framework fraud hacker information major mcafee microsoft network report security secuware spam vendors