Date: 2016-12-21
Hotbed of Cybercrime Activity Tracked Down To ISP In Ukrainian Civil War Region (bleepingcomputer.com)
An anonymous reader writes: Last week, WordPress security firm WordFence revealed it detected over 1.65 million brute-force attacks originating from an ISP in Ukraine that generated more malicious traffic than GoDaddy, OVH, and Rostelecom, put together. A week later, after news of WordFence's findings came to light, Ukrainian users have tracked down the ISP to a company called SKS-Lugan in the city of Alchevs'k, in an area controlled by pro-Russian forces in eastern Ukraine. All clues point to the fact that the ISP's owners are using the chaos created by the Ukrainian civil war to host cyber-crime operations on their servers. Some of the criminal activities the ISP hosts, besides servers for launching brute-force attacks, include command-and-control servers for the Locky ransomware, [email, comment, and forum] spam botnets, illegal streaming sites, DDoS stressers, carding sites, several banking trojans (Vawtrack, Tinba), and infostealers (Pony, Neurevt).
Any time a country occupies another's territory they will employ its infrastructure and resources to further whatever objectives are profitable for the invading country. In the past it might be industries such as steel production, fuel production, mining of natural resources, plundering of various kinds of stockpiles, utilizing manufacturing to produce weapons and munitions to further increase the power of the invading country. Just because these days those resources can also take the form of technologies (such as internet bandwidth and processing power) it makes them no less valuable or exploitable.
The difference now is that in a world connected by the Internet, if anywhere law and order breaks down, it will affect the rest of the world.
All clues point to the fact that the ISP's owners are using the chaos created by the Ukrainian civil war to host cyber-crime operations on their servers.
or more likely the owners and staff were gunned down or driven off by the civil war, leaving the doors open and business office available for other sundry activities.
or more likely the owners and staff were gunned down or driven off by the civil war, leaving the doors open and business office available for other sundry activities.
Bringing on international police cooperation will not work, as Ukraine does not control that territory.
That creates a difficult diplomatic situation: in order to get a result, one country has to recognize the region's sovereignty. Or alternatively, one can blacklist the offending IPs.
Keep in mind, there are skilled IT workers there, and they need to earn a living, so for sure some of them will fall into the hands of gangs.
https://www.spamhaus.org/sbl/query/SBL190623
Just block the whole ISP and call it a day
AS43765
91.200.12.0/22
The problem is that the Ukrainian government does not recognize an
individual's God-given right of freedom of speech, freedom to peaceably
assemble, freedom of religion; or their right to bear arms. It was very sad to see
Ukrainians helpless against Russian invaders, since most Ukrainians aren't
allowed to possess firearms. Ukraine does not have citizen soldiers, it has
serfs ruled over by professional soldiers with a sham Democracy. The only real
difference the invasion has made is a change in language of the