By joining our community you will have the ability to post topics and access other forums reserved for members. Registration is quick, simple and absolutely free. Join our community today by clicking here. - Internet Anti-Fraud Center - now open!

 From Fox News: Cybercrime Organization Suddenly Vanishes

View next topic
View previous topic
Post new topicReply to topic
Author Message
Master Baiter

Joined: 31 Oct 2007
Posts: 156
Location: State of Confusion, USA

PostPosted: Thu Nov 15, 2007 7:05 pm Reply with quoteBack to top

Russian Cybercrime Organization Suddenly Vanishes From Web
Wednesday, November 14, 2007

By Rhys Blakely, Jonathan Richards and Tony Halpin

The most notorious player in global cybercrime has suddenly vanished from the Internet, sparking fears that the Russian-based group is set to re-emerge as an even greater threat from a new base in China.
Security experts believe that the Russian Business Network (RBN), a shadowy Internet service provider based in St. Petersburg and run by a figure known only as "Flyman," has played a role in most of the online crime committed in recent years.

Dubbed "the mother of cybercrime," RBN has been linked by security firms to child pornography, corporate blackmail, spam attacks and online identity theft.

It is feared that the group is building a massive new online platform in China, allowing gangs to launch a fresh wave of online crime.

"The U.K. has been a focus for this group and its criminal clients, and things are set to get worse," David Perry, an analyst for Trend Micro, the security group, said.

Any move to China would put the Chinese authorities under enormous pressure to take action against RBN.

Web Site Security experts say that RBN provides "bulletproof" Web sites to criminals. Often resembling legitimate Web sites, these can be used to plant malicious software in the computers of members of the public that visit them.

Infected computers can be used to steal their owners' passwords, secretly send electronic junk mail or launch cyberattacks on government networks.

One alleged "phishing" gang, known as the Rock Group, which used the company's hosting service, is estimated to have made $150 million last year by tricking people into providing bank account details.

The RBN is also said to have developed dozens of fake anti-spyware and anti-virus programs to dupe people into giving it access to their computers in the mistaken belief that they were protecting themselves from online threats.

The RBN's activities are so notorious that VeriSign, one of the world's biggest Internet security companies, has dubbed it "the baddest of the bad."

Even the Bank of India was targeted in August when rogue software designed to steal passwords from customers' computers was discovered. The bank's Web site was shut down while experts debugged it.

Cybercrime has been estimated by the U.S. Treasury to be more valuable than the illegal drug trade worth more than $100 billion a year.

The RBN has also been linked to the Russian authorities and is thought by some analysts to have played a role in the recent assault on Estonian cyberspace.

A report from Symantec, the online security firm, alleges that the RBN has links with the criminal underground and government in Russia.

However, in recent days huge numbers of RBN-hosted sites have disappeared from the Web, leading analysts to speculate that the group is revamping its business model.

"RBN is reorganizing," said Raimund Genes, the chief technology officer of Trend Micro, a security group that has traced attacks by the RBN on corporate and government sites across Europe and US back to servers based in Panama.

One reason is thought to be the recent threats by Russian authorities to impose tougher penalties on Internet criminals.

Another was that large legitimate Internet service providers which the RBN relies on to provide it with Internet access have dropped it as a customer as its activities became more and more notorious.

Some analysts suggested that it is aiming to become a more disparate group, with servers in Panama, Turkey, Malaysia, Singapore, China, the U.S. and Canada.

Analysts have reported unusual bulk registries of thousands of Web addresses in China, which they say fit the past practices of the RBN. China would provide the RBN with an even broader base to support criminal activities.


This is not a signature. I type this at the end of every post to ensure quality control.

Total amount in counterfeit checks taken off the street: $11450USD


"if only u had a little bit more education........u probably wouldn't have ended up this way."...Dr Bola Taylor

"THE GOD OF ABRAHAM WILL DESTROY U THIS 2007 YOU WILL NOT ENTER 2008 ."...henry oranusi (fake minister)
Cellphone x5 Closed lad accounts x6 pony
View user's profileSend private message
Baiting Guru

Joined: 04 Jan 2006
Posts: 3193

PostPosted: Fri Nov 16, 2007 9:51 am Reply with quoteBack to top

Since you ask.
Infamous cybercrime hosting outfit Russian Business Network (RBN) has disappeared again, days after quitting Russia and setting up shop in China.

RBN obtained seven net blocks of Chinese IP addresses. Last Wednesday (8 November), some of RBN's clients began popping up on some of the 5,120 IP addresses it had acquired. But a day later China cut the connection to six of the seven net blocks controlled by RBN, once again forcing it offline.

Security researchers at VeriSign iDefense, who have kept a close eye on the cybercrime network's activities, reckon the organisation may break itself up into smaller parts in an effort to make its business less visible. The days of RBM as a monolithic organisation may be numbered.

"[A break-up] may keep it under the radar, but it's also more expensive for them, and it's riskier, too, because the more ISPs that it has to deal with, the better the chance that one of those ISPs says 'no' to hosting RBN content and shuts them off," an iDefense analyst told Computerworld.

RBN is notorious for hosting multiple instances of malware and web browser exploits. More recently it was fingered as the source of exploits based on a vulnerability in Adobe's Acrobat Reader. Its so-called "bulletproof hosting" facilities are also suspected of harbouring child pornography and phishing sites.
-- The Register

I note my article is dated a day before yours Laughing

Click here to feel warm and cozy.

I did not f**k your wife in any way -- Nike Akanbi
I don't know what else to do or do I continue filling and filling forms. -- Barr. Koloti
you has been dribbling me up and down but I will show some thing you have never seen before, I think you breath air wait and see. -- Sand Timer Barr. Cole
Cellphone x14
United States x 0.25 won from Reaper in a sucker's bet

Hello Kitty! pony Mortar x8 Closed lad accounts x several
View user's profileSend private messageSend e-mailVisit poster's website
Display posts from previous:      
Post new topicReply to topic

 Jump to:   

View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum

** Find out information about your IP address **

All Content © 2003 -
Powered by phpBB © 2001, 2002 phpBB Group :S5: FI Theme :: All times are GMT