Slashdot Mirror

← Back to Stories (view on slashdot.org)

Legitimate ISP a Cover-up For a Cybercrime Network

Posted by Soulskill on from the e-front-affront dept.

ezabi writes "TrendWatch, the malware research arm of TrendMicro, has posted a white paper titled 'A Cybercrime Hub' (PDF, summary here) describing the activities of an Estonian ISP acting as a cover-up for a large cybercrime network. It's involved with malware distribution and DNS hijacking, which leads to credit card fraud. The story's interesting, and a typical internet user would be exposed in such a situation. What security measures should be taken to prevent normal users from falling victim to such malicious bodies? Note that they are represented legitimately and are offering real services like any other internet company."

5 of 68 comments (clear)

  1. DNSSEC and ubiquitous SSL. by Timothy+Brownawell · · Score: 5, Informative

    ...and DNS hijacking .... The story's interesting, and a typical internet user would be exposed in such a situation. What security measures should be taken to prevent normal users from falling victim to such malicious bodies?

    DNSSEC so they can't do anything to your DNS queries (not even by directing you to an evil resolver), and SSL or similar for everything else so your connections can't be edited or sniffed. Then there's not really much the can do, besides just dropping all your connections.

  2. Re:Adware by matria · · Score: 5, Interesting

    Did you even read the whitepaper?

    The director of the Estonian company has been convicted for credit card fraud but he was still able to build a network of companies in Europe and in the United States

    For instance, a Web developer who
    joined the company in 2008 proudly published a portfolio containing sites that he developed during his employ. This is a natural thing to do for a Web developer. In this case, however, his portfolio consisted not only of corporate websites but also of websites that have been used to lure Internet users to install Trojans that posed as helpful software such as video codecs and file compression software.

    The whitepaper is totally different than you tried to portray, even in the first page. Your post is obviously an attempt at a coverup, presuming most people won't read the PDF.

  3. Re:This is new? by fuzzyfuzzyfungus · · Score: 4, Funny

    Or the financial industry and the financial industry.

  4. Network neutrality by MobyDisk · · Score: 4, Interesting

    From a US perspective: without network neutrality, this is all legal.

    Page 8 of the PDF shows CNN.COM with an advertisement replaced. What stops them from replacing the content of the articles? Page 10 shows how they hacked Google results. What keeps them from changing those results to filter articles on politics, religion, gender issues, laws...

  5. Re:Adware by Runaway1956 · · Score: 4, Insightful

    It seems Mr. Tsastsin has a rather colorful past, and is no stranger to organized crime. According to the local court and news media, he was recently sentenced to three years in an Estonian prison after being found guilty of credit card fraud, document forgery, and money laundering.
    _____________________________________

    If you happen to be Tsastsin's wife, I can understand that you'd like to stick up for his "good name". Maybe you feel that you need to do so, for the kids.

    But, the bastard is a criminal bastard. Your astroturfing won't change the fact.

    --
    "Windows is like the faint smell of piss in a subway: it's there, and there's nothing you can do about it." - Charlie Br