Attackers Buying Own Data Centers for Botnets, Spam

"The malware writers and criminals who run botnets for years have been using shared hosting platforms and so-called bulletproof hosting providers as bases of operations for their online crimes. But, as law enforcement agencies and security experts have moved to take these providers offline, the criminals have taken the next step and begun setting up their own virtual data centers.

"IP address space allocation is handled by five regional Internet registries (RIR), each of which is responsible for a particular group of countries. The RIRs work with large enterprises, ISPs, telecoms and other organizations that need large blocks of IP space. These organizations typically have to go through an application and screening process in order to get these allocations, including providing legal documentation listing the officers of the company, its business and why the address space is needed.

"And that's the way it's supposed to work everywhere. Applicants who can't show a need for the IP space are told politely to take a walk. But in some cases, criminals have found a way around this by going through local Internet registries (LIR) or by taking advantage of RIRs that don't have the resources to investigate every application as fully as they'd like."

Complete Story

Related Stories:

• Cisco: U.S. No Longer the Spam Leader(Dec 09, 2009)
• Mollom: A solution to comment spam(Nov 25, 2009)
• Computer scientists successfully boot one million Linux kernels as virtual machines(Sep 26, 2009)
• Linux botnet discovery points to lazy administrators(Sep 22, 2009)
• New Trojan virus poses online banking threat(Sep 21, 2009)
• The First Linux Botnet?(Sep 13, 2009)
• Defying Experts, Rogue Computer Code Still Lurks(Aug 27, 2009)
• Why Windows security is awful(Aug 25, 2009)
• Botnets must die(Aug 25, 2009)