Boing Boing Staging

IP-block jacking

A new form of online crime — hijacking IP addresses.

Los Angeles County had been hit by a growing type of hi-tech fraud, in which large, and usually dormant, segments of the Internet’s address space are taken away from their registered users through an elaborate shell game of forged letters, ephemeral domain names and anonymous corporate fronts. The patsies in the scheme are the four non-profit registries that parcel out address space around the world and keep track of who’s using it. The prizes are the coveted “Class B” or “/16” (read “slash-sixteen”) address blocks that Internet authorities passed out like candy in the days when address space was bountiful, but are harder to get legitimately now.

The most rapacious consumers of the stolen address space are spammers trying to stay a step ahead of anti-spam blacklists. A /16 provides a lot of addresses to hide behind, a lot of launch pads for unwanted e-mail, squats for hastily-erected spamvertised websites, and attack points from which one can scan the Internet for misconfigured proxy servers– useful for laundering even more spam. Some anti-spam investigators believe an underground economy exists in which a large block of address space is broken down and re-sold in smaller chunks like a boosted Acura in a chop-shop. “Money is changing hands,” says Kai Schlichting, a veteran network engineer who tracks down stolen IP space in his spare time. “I wouldn’t be surprised if you could sell a /16 for $100,000 in bits and pieces.”

Link

Discuss

(via Hack the Planet)

Exit mobile version