Joined
·
39,718 Posts
Spammers in China are being offered a great deal - just $700 (£460) to use a server that allows the sending of as much spam as they want. . It's called bulletproof hosting, and to the people who fight spam and cybercrime it's becoming a big problem.
Cybercriminals use these services not just to host servers, but also to register Internet domain names that they use for spam and online attacks. In a three-month period this year, researchers at the University of Alabama at Birmingham traced more than 22,300 domains, all used to send online pharmaceutical spam, to just six bulletproof computers hosted in China, said Gary Warner, director of research in computer forensics at the university.
The Waledac Trojan, which uses clever social-engineering techniques to spread itself, has been using bulletproof domain names to keep itself alive, Warner said. "We had over 70 domains that the entire community worked their butts off and tried for four months to try to shut," he said. "Because we can't shut down the domain names we can't shut down the spread of the virus."
Bulletproof domain-name registration is even cheaper than bulletproof servers. A criminal can anonymously register a bulletproof domain for $100.
Several dozen bulletproof hosting services operate worldwide, but the "vast majority" of them are in China, Warner said. Even scammers from countries considered soft on spam use the services because they are so reliable, he added. "Even the Russians use the Chinese bulletproof registrars."
The providers are upfront about what their services are used for.
Here's how one company, Tecom, promotes its service: "Usually, your web hosting provider will shut down your web site within days, or even sooner, if they find out you are sending bulk emails and directing people to your site on their server. Bullet-Proof Web Hosting helps you to direct customers to your website, and you won't have to worry about being shut down because of spam complaints."
http://www.techworld.com/security/news/index.cfm?RSS&NewsID=115576
Cybercriminals use these services not just to host servers, but also to register Internet domain names that they use for spam and online attacks. In a three-month period this year, researchers at the University of Alabama at Birmingham traced more than 22,300 domains, all used to send online pharmaceutical spam, to just six bulletproof computers hosted in China, said Gary Warner, director of research in computer forensics at the university.
The Waledac Trojan, which uses clever social-engineering techniques to spread itself, has been using bulletproof domain names to keep itself alive, Warner said. "We had over 70 domains that the entire community worked their butts off and tried for four months to try to shut," he said. "Because we can't shut down the domain names we can't shut down the spread of the virus."
Bulletproof domain-name registration is even cheaper than bulletproof servers. A criminal can anonymously register a bulletproof domain for $100.
Several dozen bulletproof hosting services operate worldwide, but the "vast majority" of them are in China, Warner said. Even scammers from countries considered soft on spam use the services because they are so reliable, he added. "Even the Russians use the Chinese bulletproof registrars."
The providers are upfront about what their services are used for.
Here's how one company, Tecom, promotes its service: "Usually, your web hosting provider will shut down your web site within days, or even sooner, if they find out you are sending bulk emails and directing people to your site on their server. Bullet-Proof Web Hosting helps you to direct customers to your website, and you won't have to worry about being shut down because of spam complaints."
http://www.techworld.com/security/news/index.cfm?RSS&NewsID=115576
