Legitimate ISP a Cover-up For a Cybercrime Network

Posted by Soulskill on Wednesday August 26, 2009 @05:01AM from the e-front-affront dept.

ezabi writes "TrendWatch, the malware research arm of TrendMicro, has posted a white paper titled 'A Cybercrime Hub' (PDF, summary here) describing the activities of an Estonian ISP acting as a cover-up for a large cybercrime network. It's involved with malware distribution and DNS hijacking, which leads to credit card fraud. The story's interesting, and a typical internet user would be exposed in such a situation. What security measures should be taken to prevent normal users from falling victim to such malicious bodies? Note that they are represented legitimately and are offering real services like any other internet company."

1 of 68 comments (clear)

Min score:

Reason:

Sort:

DNSSEC and ubiquitous SSL. by Timothy+Brownawell · 2009-08-26 05:07 · Score: 5, Informative

...and DNS hijacking .... The story's interesting, and a typical internet user would be exposed in such a situation. What security measures should be taken to prevent normal users from falling victim to such malicious bodies?

DNSSEC so they can't do anything to your DNS queries (not even by directing you to an evil resolver), and SSL or similar for everything else so your connections can't be edited or sniffed. Then there's not really much the can do, besides just dropping all your connections.