Tracking the Russian Business Network

Monday

Last month, we talked about China's Wicked Rose and the NCPH Hacking Group. This month, we are going to mention the Russian Business Network (RBN) . Malware researchers have been tracking this group for some time and they claim they are responsible for a lot of pain on the Internet.

Brian Krebs has written a good overview of the RBN on his blog.

The Russian Business Network sells Web site hosting to people engaged in criminal activity, the security experts say. Groups operating through the company's computers are thought to be responsible for about half of last year's incidents of 'phishing' -- ID-theft scams in which cybercrooks use e-mail to lure people into entering personal and financial data at fake commerce and banking sites."

It is tough to find a serious cyber-crime attack over the past two to three years that did not involve RBN Internet addresses to some degree.

It seems the RBN is also listed in ROKSO (Register of Known Spam Organisation) of Spamhaus.

Here are some related articles:

Taking on the Russian Business Network (WashingtonPost)
Shadowy Russian Firm Seen as Conduit for Cybercrime (WashingtonPost)
Attackers turn Bank of India site into malware bazaar (Register.co.uk)

2 comments:

Karim Vaes said...: Check out the "Hacker Economics" articles (by Scott Berinato), it contains a very interesting read on one of the malwares that actually used RBN.

Link here: http://www.kvaes.be/security/hacker-economics-user-awareness-virtual-internet-banking-appliance/; October 15, 2007 10:34 AM
Security4all said...: And here it is with a link:
http://www.kvaes.be/security/hacker-economics-user-awareness-virtual-internet-banking-appliance/

Thank you for the reference.; October 15, 2007 10:47 AM