Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror
×
Crime Security Communications Earth Network Networking The Internet Technology

Hotbed of Cybercrime Activity Tracked Down To ISP In Region Where Russia Is Invading Ukraine (bleepingcomputer.com) 70

An anonymous reader writes: Last week, WordPress security firm WordFence revealed it detected over 1.65 million brute-force attacks originating from an ISP in Ukraine that generated more malicious traffic than GoDaddy, OVH, and Rostelecom, put together. A week later, after news of WordFence's findings came to light, Ukrainian users have tracked down the ISP to a company called SKS-Lugan in the city of Alchevs'k, in an area controlled by pro-Russian forces in eastern Ukraine. All clues point to the fact that the ISP's owners are using the chaos created by the Russian military intervention in Ukraine to host cyber-crime operations on their servers. Some of the criminal activities the ISP hosts, besides servers for launching brute-force attacks, include command-and-control servers for the Locky ransomware, [email, comment, and forum] spam botnets, illegal streaming sites, DDoS stressers, carding sites, several banking trojans (Vawtrack, Tinba), and infostealers (Pony, Neurevt). UPDATE 12/22/16: The headline and summary have been updated to reflect the fact that Ukraine is fighting a Russian invasion, and is not in a "civil war," as mentioned in the source.
This discussion has been archived. No new comments can be posted.

Hotbed of Cybercrime Activity Tracked Down To ISP In Region Where Russia Is Invading Ukraine

Comments Filter:
  • Don't doubt we will be hearing about them in the news in the near future. Whose drones? Who knows.
  • by Anonymous Coward

    This is what is in stall for the rest of us if the reds take hold!

    • by Anonymous Coward

      In store! IN STORE!

      Jesus. And English isn't even my first or second language.

  • Makes sense (Score:5, Insightful)

    by Dan East ( 318230 ) on Wednesday December 21, 2016 @08:53PM (#53534795) Journal

    Any time a country occupies another's territory they will employ its infrastructure and resources to further whatever objectives are profitable for the invading country. In the past it might be industries such as steel production, fuel production, mining of natural resources, plundering of various kinds of stockpiles, utilizing manufacturing to produce weapons and munitions to further increase the power of the invading country. Just because these days those resources can also take the form of technologies (such as internet bandwidth and processing power) it makes them no less valuable or exploitable.

    • by quax ( 19371 )

      The difference now is, that in a world connected by the Internet, if anywhere law and order breaks down, it will affect the rest of the world.

  • Comment removed (Score:4, Interesting)

    by account_deleted ( 4530225 ) on Wednesday December 21, 2016 @08:59PM (#53534821)
    Comment removed based on user account deletion
    • or more likely the owners and staff were gunned down or driven off by the civil war, leaving the doors open and business office available for other sundry activities.

      And if that happened at AT&T/Verizon would it even make the news?

      • by Agripa ( 139780 )

        or more likely the owners and staff were gunned down or driven off by the civil war, leaving the doors open and business office available for other sundry activities.

        And if that happened at AT&T/Verizon would it even make the news?

        The rooms with the NSA gear to tap all AT&T communications made the news and nobody cared.

    • by Zontar_Thing_From_Ve ( 949321 ) on Thursday December 22, 2016 @08:51AM (#53536703)

      All clues point to the fact that the ISP's owners are using the chaos created by the Ukrainian civil war to host cyber-crime operations on their servers.

      or more likely the owners and staff were gunned down or driven off by the civil war, leaving the doors open and business office available for other sundry activities.

      Possible, but not "more likely". In the past decade I spent a good amount of time in Ukraine and I've been to a lot of different parts of it, particularly in the Russian speaking parts. In fact, the last city I went to is now completely under control of rebels and airport I flew out of in Donnetsk doesn't exist any more. While I do still have mostly good memories of being there, I can tell you that in general the people in Ukraine are a lot less honest than you'll find by default in Western Europe. This is especially true in Russian speaking regions. I regard it as a holdover legacy of the Soviet Union and its collapse. The Soviet Union essentially legalized bribery by not caring enough to punish people who took bribes. And the collapse of the Soviet Union resulted in a bunch of greedy, low class Communist Party connected individuals who grabbed formerly state run businesses for pennies on the dollar and manipulated those into vast personal fortunes. So a lot of Ukrainians have learned that corruption is everywhere, nobody wants to stop it, and everybody who gets ahead cheated their way to the top. It could be that people who've always lived there are still there and exploiting the situation or it could be new people are exploiting it or this is being done to fund the Russian government sending weapons across the border. All I can say is that with the chaos and anarchy currently in that part of Ukraine that whoever is doing it is probably never going to be stopped by whoever is in charge as they're likely paying those people off.

  • by Required Snark ( 1702878 ) on Wednesday December 21, 2016 @09:00PM (#53534825)
    How much is a delivered Tomahawk with the self guided air delivery option?
  • Bringing on international police cooperation will not work, as Ukraine does not control that territory.

    That creates a difficult diplomatic situation: in order to get a result, one country has to recognize the region's sovereignty. Or alternatively, one can blacklist the offending IPs

  • Can't be Russia. (Score:3, Insightful)

    by Anonymous Coward on Wednesday December 21, 2016 @09:15PM (#53534873)

    LALALALALA cant hear you, Vlad would never do anything like this and wouldn't allow his people to do it either. Wouldnt want to make Vlad or his puppets mad. I wouldnt want to get my tea poisoned with thallium.

  • Maybe that will send a message...

  • Don't be surprised, if everybody decide to demonize and ignore civil rights of some part of world for sake of "keep irritating russia" and "let's assume as humans only friendly to us dudes", definitely those in war zone will become even more rogue and do more and more nasty things.
    Keep in mind, skilled IT workers there, and they need earn for living, so for sure some of them will fall in hands of gangs.
    • by Anonymous Coward

      I'm sorry but "keep irritating Russia" ? You mean the country who invaded a sovereign country and annexed one part of the country while supporting those fighting a civil war for control of the rest of the country. Putin is a pathological liar who makes damn sure every media outlet in the country reports only what he wants them to report. He supplied the anti-aircraft missile battery to the ass hats who promptly used it to shoot down a commercial airplane. Russian troops get captured and paraded on TV and Ru

  • by Anonymous Coward on Wednesday December 21, 2016 @11:23PM (#53535335)

    https://www.spamhaus.org/sbl/query/SBL190623

    Just block the whole ISP and call it a day

    • by Serif ( 87265 )

      Agreed.

      Other useful information for those that can make use of it.

      AS43765
      91.200.12.0/22

  • by Z_God ( 593169 ) on Thursday December 22, 2016 @03:37AM (#53535837)
    The idea that there's a civil war in Ukraine comes from Russian propaganda. There's actually a war against Russia going on there. The people who initiated it and the people on which it relies today all have Russian citizenship.
  • Did you know donald trump emphasizes with these pro-russians? Perhaps the allegations to the russian government aren't that far fetched at all and did these hacktivists disrupt the democratic party's campaign on purpose.

  • by vityok ( 1040682 ) on Thursday December 22, 2016 @05:08AM (#53536019)
    UN GA just days ago adopted a resolution finally admitting that Ukraine is a victim of the Russian military agression. Crimea is now an internationally recognized ocuppied region. The war in the eastern parts of the country is also between two nation-states: Ukraine and Russia. Claims about a "civil war" are distilled Fake News, a lie, Kremlin's disinformation.
    • The problem is that the Ukrainian government does not recognize an
      individual's God-given right of freedom of speech, freedom to peaceably
      assemble, fredom of religion; or their right to bear arms. It was very sad to see
      Ukrainians helpless against Russian invaders, since most Ukrainians aren't
      allowed to possess firearms. Ukraine does not have citizen soldiers, it has
      serfs ruled over by professional soldiers with a sham Democracy. The only real
      difference the invasion has made is a change in language of the

      • by mi ( 197448 )

        Ukrainian government does not recognize an individual's God-given right of freedom of speech, freedom to peaceably assemble, freedom of religion; or their right to bear arms

        Actually, the recognition of these rights is not noticeably worse in Ukraine, than in the US.

        Ukraine does not have citizen soldiers

        Dude, who do you think stopped the Russian invasion from taking over the rest of Ukraine? Back in 2014 the official military was in such disarray, they could be stopped by brainwashed villagers — it was

      • by orient ( 535927 )
        Actually, God did not give humans rights, He gave laws, very harsh laws and limited the right to speak to God prising only. The real freedom of speech, speaking against God, was to be punished by death.
    • UN GA just days ago adopted a resolution finally admitting that Ukraine is a victim of the Russian military aggression.

      For better or worse, the part of the United States' electorate, to whom you want to appeal, view the United Nations with skepticism. So, instead of appealing to a questionable authority, try the following argument...

      Imagine, Americans, Mexican government declaring Trump's election "a coup", his assemblage of generals [politico.com] — a junta [workers.org], which placed the Latinophobic Nazi [latimes.com] in power, contrary to the wishes of most Americans. Out of concern for the brotherly nation [rferl.org], Mexican government is encouraging volunteers to cross into California, Arizona, and Texas to help the local Spanish-speaking "self-defense" militias protect themselves against the White English-speaking bigots, who've persecuted the Spanish-speaking minority for years [democracynow.org]. In places stolen from Mexico before [wordpress.com], these polite volunteers [wikipedia.org] in military uniforms without any official insignia are already organizing a referendum [bbc.com] to leave the US and join Mexico.

      Patriotic Americans attempting to resist the invasion are denounced as racists and shot at with military-style efficiency. Although officially Mexico is not a party to this "civil war", its troops are regularly encountered on the battlefields — all of them are then found to have been "on leave" from their units. Artillery bombardment of American forces seems to originate from across the border [bellingcat.com], but no one can say for sure.

      Would you still say, it is a civil war — Americans fighting other Americans?

      • by javilon ( 99157 )

        Please mod parent up

      • by moeinvt ( 851793 )

        That's one of the best /. analogies ever. Well done. We've even got the allegations of a third-party facilitating the coup.

        Assuming that the objective of Hispanic forces in those states is to exit the USA and join Mexico, I would not call it a "civil war". IMO, the term "civil war" should be reserved for situations where two or more factions within a nation are fighting to seize power over the whole nation. By the same token, I refuse to refer to the 1861-1865 war in the USA as a "civil war" because the

        • by mi ( 197448 )

          would not call it a "civil war". IMO, the term "civil war" should be reserved for situations where two or more factions within a nation are fighting to seize power over the whole nation [...] I refuse to refer to the 1861-1865 war in the USA as a "civil war" because the South was not trying to take over Washington DC

          You are wrong, the term "civil war" in English [princeton.edu] means:

          a war between factions in the same country

          Note, that the objective does not matter... Wikipedia's expanded definition and explanation [wikipedia.org] says

          • by moeinvt ( 851793 )

            How can I be wrong when I said it was my opinion that the term should be used more narrowly?

            "...a war between factions in the same country..."

            In the OP's hypothetical scenario, hostilities have erupted before any legal separation, so I suppose there's an argument for using the term, even though separation is the goal. When The South legally seceded from the union however, it was no longer the same country, thus, according to that definition, the 1861-1865 conflict was not a "civil war".

            I must disagree w

            • How can I be wrong when I said it was my opinion that the term should be used more narrowly?

              It is wrong to change the very meaning of a word and then argue, other people aren't using it correctly.

  • Why is it I don't believe any of this?

Technology is dominated by those who manage what they do not understand.

Working...