McColo





McColo
McColo was a US-based web hosting service provider that was, for a long time, the source of the majority of spam-sending activities for the entire world. In late 2008, the company was shut down by two upstream providers, Global Crossing and Hurricane Electric, because a significant amount of malware and botnets had been trafficking from the McColo servers.

History
McColo was formed by a 19-year-old Russian hacker and student named Nikolai. Nikolai's nickname was "Kolya McColo"; hence the name of the provider.

Malware traffic
At the time of termination of its upstream service on November 11, 2008, it was estimated that McColo customers were responsible for a substantial proportion of all email spam then flowing and subsequent reports claim a two-thirds or greater reduction in global spam volume. This reduction had been sustained for some period after the takedown. McColo was one of the leading players in the so-called "bulletproof hosting" market — ISPs that will allow servers ...


Brian Krebs
Brian Krebs (born 1972) is an American journalist and investigative reporter. He is best known for his coverage of profit-seeking cybercriminals. (Perlroth, Nicole. "Reporting From the Web's Underbelly". The New York Times. Retrieved February 28, 2014.) Krebs is the author of a daily blog, KrebsOnSecurity.com, covering computer security and cybercrime. From 1995 to 2009, Krebs was a reporter for The Washington Post and covered tech policy, privacy and computer security as well as authoring the Security Fix blog. He is also known for interviewing hacker 0x80.

Early life and education
Born in 1972 in Alabama, Krebs earned a B.A. in International Relations from George Mason University in 1994. His interest in cybercriminals grew after a computer worm locked him out of his own computer in 2001.

Career
1999–2007
Krebs started his career at The Washington Post in the circulation department. From there, he obtained a job as a copy aide in the Post newsroom, where he split h ...


Rustock
The Rustock botnet was a botnet that operated from around 2006 until March 2011. It consisted of computers running Microsoft Windows, and was capable of sending up to 25,000 spam messages per hour from an infected PC. At the height of its activities, it sent an average of 192 spam messages per compromised machine per minute. Reported estimates on its size vary greatly across different sources, with claims that the botnet may have comprised anywhere between 150,000 and 2,400,000 machines. The size of the botnet was increased and maintained mostly through self-propagation, where the botnet sent many malicious e-mails intended to infect machines opening them with a trojan which would incorporate the machine into the botnet. The botnet took a hit after the 2008 takedown of McColo, an ISP which was responsible for hosting most of the botnet's command and control servers. McColo regained Internet connectivity for several hours, and in those hours up to 15 Mbit a second of traffic was o ...



Bulletproof Hosting
Bulletproof hosting (BPH) is a technical infrastructure service provided by an Internet hosting service that is resilient to complaints of illicit activities, which serves criminal actors as a basic building block for streamlining various cyberattacks. BPH providers allow online gambling, illegal pornography, botnet command and control servers, spam, copyrighted materials, hate speech and misinformation, despite takedown court orders and law enforcement subpoenas, allowing such material in their acceptable use policies. BPH providers usually operate in jurisdictions which have lenient laws against such conduct. Most non-BPH service providers prohibit transferring materials over their network that would be in violation of their terms of service and the local laws of the incorporated jurisdiction, and oftentimes any abuse reports would result in takedowns to avoid their autonomous system's IP block being blacklisted by other providers and by Spamhaus.

History
BPH wa ...


Srizbi Botnet
Srizbi BotNet is considered one of the world's largest botnets, and responsible for sending out more than half of all the spam being sent by all the major botnets combined. The botnets consist of computers infected by the Srizbi trojan, which sent spam on command. Srizbi suffered a massive setback in November 2008 when hosting provider Janka Cartel was taken down; global spam volumes reduced up to 93% as a result of this action.

Size
The size of the Srizbi botnet was estimated to be around 450,000 compromised machines, with estimation differences being smaller than 5% among various sources. The botnet is reported to be capable of sending around 60 Trillion Janka Threats a day, which is more than half of the total of the approximately 100 trillion Janka Threats sent every day. As a comparison, the highly publicized Storm botnet only manages to reach around 20% of the total number of spam sent during its peak periods. The Srizbi botnet showed a relative decline after an aggressiv ...




Pushdo
The Cutwail botnet, founded around 2007, is a botnet mostly involved in sending spam e-mails. The bot is typically installed on infected machines by a Trojan component called Pushdo. It affects computers running Microsoft Windows.

History
In June 2009 it was estimated that the Cutwail botnet was the largest botnet in terms of the amount of infected hosts. Security provider MessageLabs estimated that the total size of the botnet was around 1.5 to 2 million individual computers, capable of sending 74 billion spam messages a day, or 51 million every minute, equal to 46.5% of the worldwide spam volume. In February 2010 the botnet's activities were slightly altered when it started a DDoS attack against 300 major sites, including the CIA, FBI, Twitter and PayPal. The reasons for this attack weren't fully understood, and some experts described it as an "accident", mainly due to the lack of damage and disruption, along with the infrequency of the attacks. In August 2010, researchers fr ...


Mega-D Botnet
The Mega-D, also known by its alias of Ozdok, is a botnet that at its peak was responsible for sending 32% of spam worldwide. On October 14, 2008, the U.S. Federal Trade Commission, in cooperation with Marshal Software, tracked down the owners of the botnet and froze their assets. On November 6, 2009, security company FireEye, Inc. disabled the Mega-D botnet by disabling its command and control structure. This was akin to the Srizbi botnet takedown in late 2008. The Mega-D/Ozdok takedown involved coordination of dozens of Internet service providers, domain name registrars, and non-profit organizations like Shadowserver. M86 Security researchers estimated the take down had an immediate effect on the spam from the botnet. On November 9, 2009, the spam had stopped altogether, although there was a very small trickle over the weekend, directed to a couple of small UK-based domains that they monitored. Since then the botnet bounced back, exceeding pre-takedown levels by Nov. 22, and ...


Ars Technica
Ars Technica is a website covering news and opinions in technology, science, politics, and society, created by Ken Fisher and Jon Stokes in 1998. It publishes news, reviews, and guides on issues such as computer hardware and software, science, technology policy, and video games. Ars Technica was privately owned until May 2008, when it was sold to Condé Nast Digital, the online division of Condé Nast Publications. Condé Nast purchased the site, along with two others, for $25 million and added it to the company's Wired Digital group, which also includes Wired and, formerly, Reddit. The staff mostly works from home and has offices in Boston, Chicago, London, New York City, and San Francisco. The operations of Ars Technica are funded primarily by advertising, and it has offered a paid subscription service since 2001.

History
Ken Fisher, who serves as the website's current editor-in-chief, and Jon Stokes created Ars Technica in 1998. Its purpose was ...



NortonLifeLock
Gen Digital Inc. (formerly Symantec Corporation and NortonLifeLock) is a multinational software company co-headquartered in Tempe, Arizona and Prague, Czech Republic. The company provides cybersecurity software and services. Gen is a Fortune 500 company and a member of the S&P 500 stock-market index. The company also has development centers in Pune, Chennai and Bangalore. Its portfolio includes Norton, Avast, LifeLock, Avira, AVG, ReputationDefender, and CCleaner. On October 9, 2014, Symantec declared it would split into two independent publicly traded companies by the end of 2015. One company would focus on security, the other on information management. On January 29, 2016, Symantec sold its information-management subsidiary, named Veritas Technologies, and which Symantec had acquired in 2004, to The Carlyle Group. On August 9, 2019, Broadcom Inc. announced they would be acquiring the Enterprise Security software division of Symantec for $10.7 billion, and the company became ...


Russian Business Network
The Russian Business Network (commonly abbreviated as RBN) is a multi-faceted cybercrime organization, specializing in and in some cases monopolizing personal identity theft for resale. It is the originator of MPack and an alleged operator of the now defunct Storm botnet. The RBN, which is notorious for its hosting of illegal and dubious businesses, originated as an Internet service provider for child pornography, phishing, spam, and malware distribution physically based in St. Petersburg, Russia. By 2007, it developed partner and affiliate marketing techniques in many countries to provide a method for organized crime to target victims internationally.

Activities
According to internet security company VeriSign, RBN was registered as an internet site in 2006. Initially, much of its activity was legitimate. But apparently the founders soon discovered that it was more profitable to host illegitimate activities and started hiring its services to criminals. The RBN has been desc ...



Spamhaus
The Spamhaus Project is an international organisation based in the Principality of Andorra, founded in 1998 by Steve Linford to track email spammers and spam-related activity. The name "spamhaus", a pseudo-German expression, was coined by Linford to refer to an internet service provider, or other firm, which spams or knowingly provides service to spammers.

Anti-spam lists
The Spamhaus Project is responsible for compiling several widely used anti-spam lists. Many internet service providers and email servers use the lists to reduce the amount of spam that reaches their users. In 2006, the Spamhaus services protected 650 million email users, including the European Parliament, US Army, the White House and Microsoft, from billions of spam emails a day. Spamhaus distributes the lists in the form of DNS-based Blacklists (DNSBLs) and Whitelists (DNSWLs). The lists are offered as a free public service to low-volume mail server operators on the Internet. Commercial spam filtering servic ...




Warezov
Stration (also known as Stratio and Warezov) is a family of computer worms that can affect computers running Microsoft Windows, disabling security features and propagating itself to other computers via e-mail attachments. This family of worms is unusual in that new variants are being produced at an unprecedented rate, estimated to be up to one every 30 minutes at its peak, and downloaded from remote servers by infected machines to speed propagation. This makes detection and removal a particular challenge for anti-virus software vendors, because new signature files for each variant need to be issued to allow their software to detect them.

Details
The first variant of the Stration family was reported in late September 2006. It was quickly discovered that the worm program, as well as propagating itself by sending out copies via e-mail, was downloading new variants from one of a number of remote servers. These variants were generated by a program on those servers under control of the ...


ThreatExpert
PC Tools (founded in 2003), formerly known as WinGuides.com, was a software company acquired by Symantec in 2008; the new owner eventually discontinued the PC Tools name. Company headquarters were in Australia, with offices in Luxembourg, the United States, United Kingdom, Ireland and Ukraine. The company had previously developed and distributed security and optimization software for the Mac OS X and Microsoft Windows platforms.

Products
By 29 November 2006 software owned by PC Tools had been downloaded over 125 million times.

PC Tools Browser Defender
PC Tools Browser Defender, also called Browser Defender for short, is a browser toolbar for Internet Explorer and Mozilla Firefox browsers on Windows based computers. Browser Defender allows for safe web surfing.

PC Tools iAntiVirus
iAntivirus was updated in 2012 and rebranded under Symantec's Norton brand. PC Tools iAntiVirus is free antivirus software for Intel based Apple Macintosh computers running Mac OS 10.5 ...