Forgot your password?
typodupeerror
The Internet Security

Russian Phishers Moving to China? 67

Posted by Zonk
from the change-of-scenery dept.
Hugh Pickens writes "The Russian Business Network, an ISP and Web hosting provider based in St. Petersburg, whose client list amounts to a laundry list of organized cybercrime operations appears to have closed shop after a number of its main upstream Internet providers severed ties with the group. The disappearance of RBN comes less than a month after Brian Krebs of the Washington Post wrote a series of stories detailing the organization and history of the shadowy ISP. However, experts at anti-spam group Spamhaus say there are strong indications that a huge swath of Internet space recently established in China may soon emerge as the next incarnation of the Russian Business Network. In related news FBI Director Robert S. Mueller, III gave a speech on cybercrime earlier this week where he said that the FBI has 60 Legal Attaché offices around the world working with partners in Russia, Romania,Poland, Hungary, Italy, and Estonia, among others, to investigate international cyber threats."
This discussion has been archived. No new comments can be posted.

Russian Phishers Moving to China?

Comments Filter:
  • ISR (Score:3, Funny)

    by eneville (745111) on Friday November 09, 2007 @04:29PM (#21300191) Homepage
    I soviet China ... oh wait ...
  • the Russian mafia has a serious asian fetish!
  • by colonslashslash (762464) on Friday November 09, 2007 @04:30PM (#21300203) Homepage
    Have all their lakes frozen over or something? Damn you global warming! <shakes fist angrily>
  • by zappepcs (820751) on Friday November 09, 2007 @04:33PM (#21300261) Journal
    With phishing being outsourced to China, manufacturing being outsourced to China, Can we expect lead based paint recall phishing to come from China soon?
  • internet 101 (Score:5, Insightful)

    by KevMar (471257) on Friday November 09, 2007 @04:37PM (#21300305) Homepage Journal
    so they move to a country that restricts what they can access on the internet?

    Thats exactly what I would do if I was the ring leader of major internet crime...
    • by TheMeuge (645043)
      It's not about what goes in, but what comes out. And if you grease enough party officials, the Great Firewall of China will turn out to have a lot of trap doors.
    • Re:internet 101 (Score:5, Insightful)

      by BadHaggis (1179673) on Friday November 09, 2007 @04:54PM (#21300557)
      Yes, but if the money is flowing into the right pocket(s) certain services/servers can bypass The Great Firewall. I am sure that these esteemed, and apparently resourceful, businessmen can negotiate a profitable relationship with the Chinese Government. Additionally, I'm not convinced that the Chinese Government is as concerned with what goes out of their country as much as they are concerned with what comes in. Certainly, given the all of the product recalls lately, you're aware of the high standards that the Chinese hold to their exports.
    • Re: (Score:2, Interesting)

      If you can justify to the national ISP that unmonitored Internet access is a business requirement and are willing to pay your access more expensive you get your unmonitored access. It is not illegal, it is not bribery. I know it, my company does it.
  • Pretty soon the only large organized internet crime is going to be the government run kind.
  • "And they laundered money through more than a dozen Internet gambling sites." Aren't there better ways? I mean this has been done for years and it's part of the reason the US has the $10,000 rule.
  • My first wife was American. Second time around, I married a Russian lawyer. Back to eBay, I guess... How much to ship 110 pounds from China, including airholes?
  • The Great Firewall of China meets the Russian Phishing Pond *in* China!
  • Do you think this will make a noticeable difference in the amount of spam coming through?

    I have to say that since 1998, I have really noticed only an increase in the amount of spam, with the only downward swings coming from changing accounts, or my ISP implementing better spam filters. I guess I shouldn't say I haven't noticed any downswings, I have noticed a return to normal levels after a week or so of getting the same spam over and over.

    But I don't think we will even notice this for the week or so it tak
  • According to every single one of the cidr-reports referenced by that spamhaus article, all the blocks of IPs were "withdrawn" Example: http://cidr-report.org/cgi-bin/as-report?as=AS42811 [cidr-report.org]
  • FBI Humor (Score:5, Informative)

    by handy_vandal (606174) on Friday November 09, 2007 @04:59PM (#21300631) Homepage Journal
    FBI Director Robert S. Mueller III sure knows how to slay 'em on the college circuit:

    I recently watched a video on YouTube about the impact of the Internet. And before we go any further, I will answer the question of everyone under the age of 25. Yes, those of us over a certain age are allowed to access YouTube.
    And he's not alone in his youthful wisecracking -- it looks like the FBI, as an institution, has a wicked sense of humor:

    In June of this year, we initiated Operation Bot Roast.
    Link [fbi.gov]

    -kgj
  • So.. (Score:5, Funny)

    by eniac42 (1144799) on Friday November 09, 2007 @05:03PM (#21300675) Journal
    A notice in an office-entrance in St Petersburg reads..

    Gone phishing..
  • I am not sure this would be very common, as Internet provides a great deal of anonymity. There is no way to find and eliminate competition and therefore no need to choose a don for protection. Likewise, if you are caught you are not able to rat out your friends besides the nicknames that they use to connect to IRC from hijacked machines. Maybe there is an agreement to perform hacking and DDOS hits on companies that cooperate with authorities to catch someone. But in general, cyber criminals are a bunch of i
  • Phishers moving to China? I resent that. China doesn't need foreigner phishers, they have their own!!! :p
  • Firewall the World (Score:4, Interesting)

    by TFGeditor (737839) on Friday November 09, 2007 @06:44PM (#21302105) Homepage
    I know I will get modded into oblivion, but I do not care. This is precisely why I firewall the entire world (other than North America) from my server. None of the users nor myself have any legitimate contacts or interests overseas, so blocking all traffic sourcing anywhere except North America reduces the spam load by 98% and virtually eliminates intrusion attempts.

    Offensive to you? Why? What legitimate need do you have to access my server? My company has absolutely nothing to interest you. Therefore, what reason could you possibly have to access my server?

    Let the bloodletting begin.
    • by moz25 (262020)
      It seems unlikely that anyone is going to care about you or your site.

      Then again, firewalling out high-risk IP blocks such as from China or Russia is not necessarily a bad idea. They can go to the .cn or .ru portal versions!
      • by TFGeditor (737839)
        Our readers/customers care, hence firewalling the rest of the world.

        • by moz25 (262020)
          To phrase it more clearly: in spite of the flaming or downmodding you apparently expected, no one is likely to care enough about you or your site to get worked up about it.

          You already know that this method is only practical for small sites of little economic consequence and that isolationalist ideas aren't likely to be well-received on an international site like SlashDot.

          What's your point then? Are you trolling? It's not exactly a novel or clever idea to use geo-targeted filtering or routing. That's what CD
    • by qzulla (600807)
      Yer right. No one outside our country would care about Texas fish and game.

      Heck. Why not block the rest of the states? We don't care either.

      Are you the webmaster? I wouldn't admit it.

      qz
    • by protobion (870000)
      I presume your walled website is www.fishgame.com . I accessed the site, and it seems I can get through. I even almost ordered the Free Decals. I am definitely not based in North America. So, is your website really walled? Or did you just want to get your website /.-ed.
    • blocking all traffic sourcing anywhere except North America reduces the spam load by 98%
      I find that very hard to believe since most spam comes from the United States according to Spamhaus [spamhaus.org]. As a European I would block the US, Russia and China to keep the load off my servers.
      • by TFGeditor (737839)
        Believe what you will. I know it works for me. Opinions/beliefs to the contrary are irrelevant.
        • by andersh (229403) *

          Believe what you will. I know it works for me. Opinions/beliefs to the contrary are irrelevant.

          Good luck with that. I'll remember that next time I get another "mortgage offer". It might work for you, but the truth is that the majority of spam is from Americans, for Americans and by Americans.

          Don't get me wrong, I'm not anti-American in general, but I hate getting vast amounts of spam for products that I will never buy because I'm in another country. If I blocked every national TLD except my own I would no

          • by TFGeditor (737839)
            Regardless of who spam is "from," it invariably is *sent* via spambots. And years of experience is that the majority of spam comes from compormised machines "overseas." The owner of the spamvertized website (which invariably are hosed in China, Russia, India, Mexico, et al) might in fact be American, but for my purposes that, too, is irrelevant.

            According to the Spamhaus Register of Known Spam Operations (ROKSO) database: "Many of these spam operations pretend to operate 'offshore' using servers in Asia and
            • And years of experience is that the majority of spam comes from compormised machines "overseas."

              Do you have any evidence or links that proves this? Because I would like to point out that the US has quite a large percentage of the worlds computers (and Microsoft Windows). China is obviously the biggest market for PCs nowadays, but they also prefer a cheap Linux OS.

              The owner of the spamvertized website ... might in fact be American, but for my purposes that, too, is irrelevant.

              Sure, I agree, the ownership

              • by TFGeditor (737839)
                "Of course there's probably a link between purchasing spam ad campaigns, "financing" their bot networks, and ultimately supporting their phishing activities."

                Quite correct. DDOS attacks are another element. Bot herders "rent" their botnets to literally anyone, including entities and individuals who wish to DDOS a competitor's or enemy's website, or for extortion schemes. ("Send money and the DDOS attack will stop.") Spammers et al also DDOS Spamhaus, Castle Cops, SpamCops, and other anti-spam/phishing organ
  • ...in Panama. inetnum: 81.95.148.0 - 81.95.151.255 netname: RBNET descr: RBusiness Network country: PA admin-c: RNR4-RIPE tech-c: RNR4-RIPE status: ASSIGNED PA mnt-by: RBN-MNT source: RIPE # Filtered role: RBusiness Network Registry address: RBusiness Network address: The Century Tower Building address: Ricardo J. Alfari Avenue address: Panama City address: Republic of Panama
  • You should do what you are good at.

    Two things Russians are very good at: hacking and organized crime.

    When combined, it's a sight to see.
  • So.... Block these networks. Think I got them all.
    194.110.69.0/24
    91.198.71.0/24
    91.194.140.0/23
    91.196.232.0/22
    91.195.116.0/23
    91.193.40.0/22
    91.193.56.0/22
    193.33.128.0/23
  • In soviet Russia, the internet crimes you!
  • As much as I hate (russian|chinese|korean|nigerian) spammers/botnets, I don't see how the FBI could possibly help. I know it's draconian, but I simply block off all access to my servers from a number of IP ranges I deem unfit, and that includes the aforementioned countries. Frankly, that's all the help I need.

    Digital racism ? Maybe. It's not that I don't like chinese people, I just like them better when they don't harbor heinous criminals. Heck, I like white folk better when they don't harbor heinous c
  • Well, perhaps we will see some humor in the new wave of phishing as they will all be delivered in Chinglish [wikipedia.org].

I'd rather just believe that it's done by little elves running around.

Working...