[ISN] In China, $700 puts a spammer in business

From: InfoSec News <alerts_at_private>
Date: Mon, 11 May 2009 01:15:40 -0500 (CDT)

By Robert McMillan
IDG News Service

It's a great deal, if you're a spammer.

You pay US$700 to use a server in China that lets you send all the spam 
you like. It's called bulletproof hosting, and to the people who fight 
spam and cybercrime it's becoming a big problem.

Cybercriminals use these services not just to host servers, but also to 
register Internet domain names that they use for spam and online 
attacks. In a three-month period this year, researchers at the 
University of Alabama at Birmingham traced more than 22,300 domains, all 
used to send online pharmaceutical spam, to just six bulletproof 
computers hosted in China, said Gary Warner, director of research in 
computer forensics at the university.

The Waledac Trojan, which uses clever social-engineering techniques to 
spread itself, has been using bulletproof domain names to keep itself 
alive, Warner said. "We had over 70 domains that the entire community 
worked their butts off and tried for four months to try to shut," he 
said. "Because we can't shut down the domain names we can't shut down 
the spread of the virus."

Bulletproof domain-name registration is even cheaper than bulletproof 
servers. A criminal can anonymously register a bulletproof domain for 


LayerOne 2009, Information Security for the discerning professional. 
May 23-24 2009 @ The Anaheim Marriott in Anaheim, California 
Visit http://layerone.info for more information
Received on Sun May 10 2009 - 23:15:40 PDT

This archive was generated by hypermail 2.2.0 : Sun May 10 2009 - 23:51:35 PDT