Slashdot Mirror

← Back to Stories (view on slashdot.org)

Verizon Accused of Helping Spammers By Routing Millions of Stolen IP Addresses (spamhaus.org)

Posted by Soulskill on from the turning-a-blind-IP dept.

An anonymous reader writes: Spamhaus, an international non-profit organization that hunts down spammers, is accusing Verizon of indifference and facilitation of cybercrime because it failed for the past six months to take down stolen IP routes hosted on its network from where spam emails originated. Spamhaus detected over 4 million IP addresses, mainly stolen from China and Korea, and routed on Verizon's servers with forged paperwork. Spamhaus says, "For a start, it seems very strange that a large US-based ISP can be so easily convinced by abusers to route huge IP address blocks assigned to entities in the Asian-Pacific area. Such blocks are not something that can go unnoticed in the noise of everyday activity. They are very anomalous, and should call for an immediate accurate verification of the customer. Internal vetting processes at large ISPs should easily catch situations so far from normality."

24 of 120 comments (clear)

  1. Math by sexconker · · Score: 4, Informative

    Illicit gains > anticipated cost of getting caught? Proceed to fuck everyone.

    1. Re:Math by Opportunist · · Score: 4, Insightful

      Well, with a government there is at least a chance that it might have your interest on its mind. At least on paper it has.

      No corporation will, ever, have your interests as a goal. Never. You're the necessary evil to profit, nothing else. If there's no profit to be had with you, you can as well not exist.

      --
      We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
    2. Re:Math by bobbied · · Score: 3, Insightful

      Yea, but only government can take EVERYTHING you have away and give it to someone else, evil corporations cannot do that alone.

      --
      "File to fit, pound to insert, paint to match" - Aircraft Maintenance 101
    3. Re:Math by sjames · · Score: 4, Insightful

      evil corporations cannot do that alone.

      If not for government, they COULD take everything away and probably would.

    4. Re:Math by Required+Snark · · Score: 3, Insightful
      Hey dumbshit, evil corporations can, and do, take everything that people own. They do it with the full co-operation of the government, and the laws are written so that the corporations always win and usually make a profit.That's because the law is for sale.

      I know you were probably living in your parents basement at the time (like you are right now), but way back in 2008 there was a huge world wide financial meltdown. You might not have been aware of it because of your troglodyte lifestyle, but for anyone who saw daylight and knew the current date when this happened it was a real big deal.

      It was due to spiraling housing prices, which were the result of Wall Street banks making loans to anyone who had a pulse. All the laws and regulations that were supposed keep the financial system stable were essentially suspended. The Bush administration and Alan Greenspan basically shut down all financial oversight. They were living the Libertarian masturbatory fantasy of laissze faire capitalism.

      Now like any wet dream, when the party was over there was an ugly sticky mess that needed to be cleaned up. The people who got screwed the worst were the schmucks who bought into the lies that Wall Street was pumping out. At any point in US history between 1929 and 2000 this could not have occurred because there were meaningful lending standards. The vast numbers of unqualified borrowers were the result of criminally irresponsible lending by the big Wall Street bank.

      So what happened to the home owners when they couldn't pay up? Bankruptcy! That means they lost everything they owned except maybe their car and some personal items. All their saving and anything material with a salable value were confiscated and given to the banks to cover the unpaid debt. That would pretty much be your definition of "take EVERYTHING you have away". And it all goes to the "evil corporations", to use your phrase.

      So remove you head from where it's stuck up you ass and try and get a clue. I know you spout the Libertard line, but out here in the real world that makes as much sense as believing the Harry Potter books are non-fiction. Corporations are not intrinsically noble or honest, and the government is not always your enemy. If you think I'm wrong then I suggest that you go someplace with no working government and see how you like it. I suggest the coastal region of Somalia.

      --
      Why is Snark Required?
    5. Re:Math by Aighearach · · Score: 4, Insightful

      What a load of crap. In the past when governments have been weak, that is exactly what established business interests could do. Anything and everything. Government stopping them is the only thing preventing "evil" corporations (and the rest) from taking everything you have.

    6. Re:Math by Anonymous Coward · · Score: 2, Insightful

      ^this is a person that has never attempted to read and understand a mortgage.

    7. Re:Math by TheRaven64 · · Score: 2

      Various East India companies would beg to differ. You might want to look up the history of what happens when corporations are not counterbalanced by governments.

      --
      I am TheRaven on Soylent News
  2. Well I'm shocked, Shocked.... by bobbied · · Score: 5, Insightful

    That an ISP is being duped into routing stolen IP's so easily!

    Come on, this is Verizon we are talking about here. They don't hire the sharpest knives in the drawer and so they managed to collect a little bit of cash believing the paperwork provided by their customer? Collect the fees, route the IP and should the real owner of the address finally show up and complain, keep the fees, say your are sorry, remove the route and move on to the next prospective customer throwing money at you. Seriously, what's Verizon's incentive to go out of it's way here?

    So, these folks want to try and play the "Shame on Verizon" card now? Yea, good luck with making anything change. Verizon doesn't shame that easily or they'd be changing their consumer business practices too..

    --
    "File to fit, pound to insert, paint to match" - Aircraft Maintenance 101
    1. Re:Well I'm shocked, Shocked.... by khasim · · Score: 2

      And anyone who knows anything about SPAM will have those addresses flagged as very likely spammers.

      Yes, it would be nice if Verizon would take responsibility for their network. But in the meantime (because that is never going to happen) just flag those addresses yourself.

      And not just for SPAM. Also look at restricting them at your firewall so they cannot spread malware to your machines.

  3. This is not surprising by surfdaddy · · Score: 5, Insightful

    IMHO Verizon is right up there with Comcast in being one of the most despicable companies in the US. They bought spectrum from the FCC promising to keep it "open" but don't approve non-Verizon devices until tons of "testing" that can take a year. They are the ones who started fighting any net neutrality. And then they (according to this post) enable spammers. Because as a huge ISP, paying attention to real technical details might be too....time consuming and profit-leaching...

  4. Verizon/UUnet used to be the best by kevmeister · · Score: 5, Interesting

    A few years ago, Verizon employed some to the best people in the best people in the world to handle network and routing security. They were very responsive to reports of address hijacking and related issues. Those folks have all left Verizon since they bought UUnet, though the rush for the door didn't start until about 4 years ago.

    This all happened about the time I left the operational world and started moving into retirement, so I don't know the people who replaced them, but I am sure that, if they were replaced at all, that the new people were not of the caliber of those who left.

    As is often the case, network security seems to have been declared a low priority at Verizon. after all, it does not make them any money. Of course, if they become known for bad security, it could have an impact on the bottom line at some point.

    --
    Kevin Oberman, Network Engineer, Retired
    1. Re:Verizon/UUnet used to be the best by whoever57 · · Score: 3, Interesting

      The positions though? Probably H1B replacements.

      What makes you think that they in the USA? India-based engineers are cheaper than H1-Bs.

      --
      The real "Libtards" are the Libertarians!
    2. Re:Verizon/UUnet used to be the best by mvdwege · · Score: 2

      UUNet was an unresponsive spam sewer long before outsourcing and H1Bs became a thing. Of course, that wouldn't stop you from railing that dey took er jerbs, now would it?

      --
      "I know I will be modded down for this": where's the option '-1, Asking for it'?
    3. Re:Verizon/UUnet used to be the best by NormalVisual · · Score: 2

      Yup. UUNet is one of the few providers that was subjected to a UDP.

      --
      Please stand clear of the doors, por favor mantenganse alejado de las puertas
  5. Eliminate the Corporation Shield by Gojira+Shipi-Taro · · Score: 3, Interesting

    Hold the principles of corporations criminally liable for things that happen on their networks. Imprison a few of these motherfuckers and watch corporate behavior get better overnight.

    --
    "Oh my God. This is terrible. This is the end of my Presidency. I'm fucked."; ~ Donald J. Trump
    1. Re:Eliminate the Corporation Shield by HiThere · · Score: 4, Interesting

      That's not the corporate shield. The corporate shield protects minority stockholders (I think less than 10% of the stock) from liability. The executives, board, and majority stockholders are protected by the much simpler approach of nobody caring to prosecute them.

      --

      I think we've pushed this "anyone can grow up to be president" thing too far.
  6. Re:IPv6 by Anonymous Coward · · Score: 3, Informative

    Verizon is mainly using IPv6 in their cellular network, not their physical networks (not in any large number anyway). Very few residential customers have IPv6 addresses from Verizon and next to no business-class customers have IPv6 ranges supplied to them. Verizon is also not too interesting in rolling out IPv6 to their physical network customers any time soon since the common statistics out there show Verizon as being on the forefront of IPv6 deployment. This false impression has duped many, including you. The only reason they did so for their cellular networks was because it was easier and cheaper than somehow getting IPv4 ranges for all their handsets (including projections for future customer base).

  7. money changed hands by roc97007 · · Score: 3, Interesting

    > Such blocks are not something that can go unnoticed in the noise of everyday activity.

    Although it can probably never be proven, occam's razor indicates that money changed hands. It's a more logical conclusion than this level of incompetence amongst the necessary number of employees.

    --
    Oliver's law of assumed responsibility: If you're seen fixing it, you will be blamed for breaking it.
    1. Re:money changed hands by grcumb · · Score: 2

      Although it can probably never be proven, occam's razor indicates that money changed hands. It's a more logical conclusion than this level of incompetence amongst the necessary number of employees.

      If past experience is any indication, then yes, telcos are perfectly content to engage in the dodgiest of dodgy practices if it means making a buck or two.

      --
      Crumb's Corollary: Never bring a knife to a bun fight.
    2. Re:money changed hands by Altanar · · Score: 2

      I prefer Hanlon's razor. "Never attribute to malice that which is adequately explained by stupidity." The most likely reason, in my opinion, is incompetence.

  8. wtf Spam? by frankenheinz · · Score: 3, Funny

    Does spamhaus still exists? Does spam still exist? (Its been years since I've seen any spam in _my_ inbox.)

    --
    The law is not an ass. No really.
    1. Re:wtf Spam? by Anonymous Coward · · Score: 2, Interesting

      I run the mail cluster at work and have a personal server for my own domains. Even after Barracuda, SpamAssassin, clamav, and a host of custom rules for SA and procmail... Yes, spam still exists. If you haven't received a spam email in years, you (or whoever operates your email) are filtering way too heavily and I guarantee you're losing legitimate messages in the process. That might be fine for your personal box but it's not really acceptable in business.

      If you mean you receive spam, but gets filtered to a spam folder instead of your primary inbox, that's not much of a feat, and is pretty much normal now. The shit is still wasting countless resources around the world. Just because you don't see it (or choose not to look at it) doesn't mean it's not a problem.

  9. Re:NSA? by Z00L00K · · Score: 2

    Another possibility is that NSA uses spammers to obfuscate their actions so that the illicit transfer of IP addresses is actually sanctioned by NSA.

    --
    If builders built buildings the way programmers wrote programs, then the first woodpecker would destroy civilization.