Infamous Russian malware gang vanishes

By Tom Espiner, ZDNet UK
Monday, November 12, 2007 09:47 AM

An alleged Russian malware hosting gang has abruptly disappeared, according to Trend Micro.

The Russian Business Network (RBN), which was allegedly heavily involved in hosting malware packing kits--development suites for malware--suddenly dropped off the Internet on Tuesday, said the security company.

"It feels like their upstream providers put them on a black list, and terminated services to this problematic customer," said Raimund Genes, chief technology officer for Trend Micro's antivirus division, on Friday.

Researchers from Internet security company VeriSign said that RBN has been able to offer "bullet-proof hosting" for malware by means of links to the Russian government.

Genes claimed it is likely that whatever protection RBN enjoyed was withdrawn because the group had overreached itself. "All kinds of cybercrime was on RBN sites, but recently they've become too greedy," said Genes. "They infiltrated a Turkish government site so that it pointed to a site in Panama that was registered under RBN. [The site] was rented to multiple malware gangs."

Genes added that some U.S. government and Brazilian sites, which he declined to identify specifically, had been compromised through SQL injection attacks to make them point to other RBN sites compromised with malware. "Maybe some government was upset by [RBN] activity," said Genes.

Although Trend Micro says it cannot be 100 percent sure, the company believes that the gang has shifted operations to Asia. Sites hosted in Taiwan and China are now hosting malware packing kits and malware which had been commonly hosted on RBN sites.

"Sites in Taiwan and China are now hosting malware with the same behavior," said Genes. "MPack [packer kit] and its IcePack add-on are being offered, as well as Iframe exploits."

MPack is a PHP-based malware kit that allows its developers to sell modules of malicious code, while Iframe malware targets browsers by attacking vulnerabilities in the way they handle Iframe HTML tags.


See also:  Security
WORTHWHILE?

0

0 votes
Blog

Talkback 0 comments

There are currently no comments for this post.


Tech Jobs Now!

Search for your ideal tech job:

News from Countries/Region

Common ways IT wastes money on development

Web Development

Examples include using developers as support staff and failing to calculate a project's ROI before giving it the go-ahead.


Read more »



  • Enterprise 2.0

    Vince Casarez, vice president of product management at Oracle, explains how Web 2.0 technologies, such as tags, wikis, and mash-ups, can be applied within an organization.
    Play video


  • Nehalem Architecture

    What makes next-generation Intel® Microarchitecture (Nehalem) such a superior successor?
    Play video

 
Free the untapped potential of your IT infrastructure
Reduce bottlenecks to drive the efficiency and productivity of Business IT.
» Ultimate virtualization blade
» Scalable SAN solution
» Accelerate service delivery
On demand CRM goes strategic
CRM technology has come of age, and is now able to align with your customer strategy and grow in step with your business.

» Learn more about Oracle’s CRM Solutions



Could this be the most critical budget for India?

Blog thumbnail

For business journalists in India, budget time is excitement time. It's like sports journos covering the Olympics. As a newspaper correspondent, I too had my fill of budget-time excitement. But..... by Swati Prasad

Read more »

Tags

  1. attack
  2. bank
  3. blog
  4. data security
  5. e - mail
  6. hacking
  7. internet
  8. malware
  9. microsoft corp.
  10. network
  11. network security
  12. pc security
  13. researcher
  14. security
  15. security management
  16. software
  17. spam and phishing
  18. u.s.
  19. viruses and worms
  20. web