Botnet and malware creeps are setting up their own ISPs, with their own IP blocks, so that spamfighters don't have anyone to complain to when they run them to ground:
"It's gotten completely out of hand. The bad guys are going to some local registries in Europe and getting massive amounts of IP space and then they just go to a hosting provider and set up their own data centers," said Alex Lanstein, senior security researcher at FireEye, an antimalware and anti-botnet vendor. "It takes one more level out of it: You own your own IP space and you're your own ISP at that point.
"If there's a problem, who are you going to talk to? It's a different ball game now. These guys are buying their own data centers. These LIRs and RIRs aren't going to push back if you say you need a /24 or /16. They're not the Internet police," Lanstein said…
"This is part of the problem that's causing the IPv4 shortage," Lanstein said, referring to the imminent exhaustion of the IPv4 address space, forecasted to occur in less than two years. "They stop paying the bills, the space gets null-routed and then it's a mess. There's clear fraud going on, but who can do something about it?"
Attackers Buying Own Data Centers for Botnets, Spam
(via /.)
- Time-lapse of botnet's spread around the world – Boing Boing
- Have botnet prices crashed? – Boing Boing
- StormWorm botnet lashes out at security researchers – Boing Boing
- 1.4GB of personal data recovered from botnet server – Boing Boing
- "Botnet" hacker pleads guilty to scheme that netted $61K – Boing Boing
- Largest botnets in the world — and the one that will dwarf them …
- Eavesdropping on a botnet – Boing Boing
- Exploit code for China's "Green Dam" censorship app permits remote …