Hotbed of Cybercrime Activity Tracked Down To ISP In Region Where Russia Is Invading Ukraine

An anonymous reader writes: Last week, WordPress security firm WordFence revealed it detected over 1.65 million brute-force attacks originating from an ISP in Ukraine that generated more malicious traffic than GoDaddy, OVH, and Rostelecom, put together. A week later, after news of WordFence's findings came to light, Ukrainian users have tracked down the ISP to a company called SKS-Lugan in the city of Alchevs'k, in an area controlled by pro-Russian forces in eastern Ukraine. All clues point to the fact that the ISP's owners are using the chaos created by the Russian military intervention in Ukraine to host cyber-crime operations on their servers. Some of the criminal activities the ISP hosts, besides servers for launching brute-force attacks, include command-and-control servers for the Locky ransomware, [email, comment, and forum] spam botnets, illegal streaming sites, DDoS stressers, carding sites, several banking trojans (Vawtrack, Tinba), and infostealers (Pony, Neurevt). UPDATE 12/22/16: The headline and summary have been updated to reflect the fact that Ukraine is fighting a Russian invasion, and is not in a "civil war," as mentioned in the source.

why is it always the russians

[nimbius]

All clues point to the fact that the ISP's owners are using the chaos created by the Ukrainian civil war to host cyber-crime operations on their servers.

or more likely the owners and staff were gunned down or driven off by the civil war, leaving the doors open and business office available for other sundry activities.

Re:why is it always the russians

[Zontar_Thing_From_Ve]

All clues point to the fact that the ISP's owners are using the chaos created by the Ukrainian civil war to host cyber-crime operations on their servers.

or more likely the owners and staff were gunned down or driven off by the civil war, leaving the doors open and business office available for other sundry activities.

Possible, but not "more likely". In the past decade I spent a good amount of time in Ukraine and I've been to a lot of different parts of it, particularly in the Russian speaking parts. In fact, the last city I went to is now completely under control of rebels and airport I flew out of in Donnetsk doesn't exist any more. While I do still have mostly good memories of being there, I can tell you that in general the people in Ukraine are a lot less honest than you'll find by default in Western Europe. This is especially true in Russian speaking regions. I regard it as a holdover legacy of the Soviet Union and its collapse. The Soviet Union essentially legalized bribery by not caring enough to punish people who took bribes. And the collapse of the Soviet Union resulted in a bunch of greedy, low class Communist Party connected individuals who grabbed formerly state run businesses for pennies on the dollar and manipulated those into vast personal fortunes. So a lot of Ukrainians have learned that corruption is everywhere, nobody wants to stop it, and everybody who gets ahead cheated their way to the top. It could be that people who've always lived there are still there and exploiting the situation or it could be new people are exploiting it or this is being done to fund the Russian government sending weapons across the border. All I can say is that with the chaos and anarchy currently in that part of Ukraine that whoever is doing it is probably never going to be stopped by whoever is in charge as they're likely paying those people off.

Results of world policy

[NuclearCat]

Don't be surprised, if everybody decide to demonize and ignore civil rights of some part of world for sake of "keep irritating russia" and "let's assume as humans only friendly to us dudes", definitely those in war zone will become even more rogue and do more and more nasty things.
Keep in mind, skilled IT workers there, and they need earn for living, so for sure some of them will fall in hands of gangs.

Explaining Russian-Ukrainian conflict to Yanks

[mi]

UN GA just days ago adopted a resolution finally admitting that Ukraine is a victim of the Russian military aggression.

For better or worse, the part of the United States' electorate, to whom you want to appeal, view the United Nations with skepticism. So, instead of appealing to a questionable authority, try the following argument...

Imagine, Americans, Mexican government declaring Trump's election "a coup", his assemblage of generals — a junta, which placed the Latinophobic Nazi in power, contrary to the wishes of most Americans. Out of concern for the brotherly nation, Mexican government is encouraging volunteers to cross into California, Arizona, and Texas to help the local Spanish-speaking "self-defense" militias protect themselves against the White English-speaking bigots, who've persecuted the Spanish-speaking minority for years. In places stolen from Mexico before, these polite volunteers in military uniforms without any official insignia are already organizing a referendum to leave the US and join Mexico.

Patriotic Americans attempting to resist the invasion are denounced as racists and shot at with military-style efficiency. Although officially Mexico is not a party to this "civil war", its troops are regularly encountered on the battlefields — all of them are then found to have been "on leave" from their units. Artillery bombardment of American forces seems to originate from across the border, but no one can say for sure.

Would you still say, it is a civil war — Americans fighting other Americans?