Hotbed of Cybercrime Activity Tracked Down To ISP In Region Where Russia Is Invading Ukraine

An anonymous reader writes: Last week, WordPress security firm WordFence revealed it detected over 1.65 million brute-force attacks originating from an ISP in Ukraine that generated more malicious traffic than GoDaddy, OVH, and Rostelecom, put together. A week later, after news of WordFence's findings came to light, Ukrainian users have tracked down the ISP to a company called SKS-Lugan in the city of Alchevs'k, in an area controlled by pro-Russian forces in eastern Ukraine. All clues point to the fact that the ISP's owners are using the chaos created by the Russian military intervention in Ukraine to host cyber-crime operations on their servers. Some of the criminal activities the ISP hosts, besides servers for launching brute-force attacks, include command-and-control servers for the Locky ransomware, [email, comment, and forum] spam botnets, illegal streaming sites, DDoS stressers, carding sites, several banking trojans (Vawtrack, Tinba), and infostealers (Pony, Neurevt). UPDATE 12/22/16: The headline and summary have been updated to reflect the fact that Ukraine is fighting a Russian invasion, and is not in a "civil war," as mentioned in the source.

If this is true

This is what is in stall for the rest of us if the reds take hold!

Re:If this is true

In store! IN STORE!

Jesus. And English isn't even my first or second language.

Makes sense

[Dan+East]

Any time a country occupies another's territory they will employ its infrastructure and resources to further whatever objectives are profitable for the invading country. In the past it might be industries such as steel production, fuel production, mining of natural resources, plundering of various kinds of stockpiles, utilizing manufacturing to produce weapons and munitions to further increase the power of the invading country. Just because these days those resources can also take the form of technologies (such as internet bandwidth and processing power) it makes them no less valuable or exploitable.

Re:Makes sense

[quax]

The difference now is, that in a world connected by the Internet, if anywhere law and order breaks down, it will affect the rest of the world.

why is it always the russians

[nimbius]

All clues point to the fact that the ISP's owners are using the chaos created by the Ukrainian civil war to host cyber-crime operations on their servers.

or more likely the owners and staff were gunned down or driven off by the civil war, leaving the doors open and business office available for other sundry activities.

Re:why is it always the russians

[Big+Hairy+Ian]

or more likely the owners and staff were gunned down or driven off by the civil war, leaving the doors open and business office available for other sundry activities.

And if that happened at AT&T/Verizon would it even make the news?

Re:why is it always the russians

[Zontar_Thing_From_Ve]

All clues point to the fact that the ISP's owners are using the chaos created by the Ukrainian civil war to host cyber-crime operations on their servers.

or more likely the owners and staff were gunned down or driven off by the civil war, leaving the doors open and business office available for other sundry activities.

Possible, but not "more likely". In the past decade I spent a good amount of time in Ukraine and I've been to a lot of different parts of it, particularly in the Russian speaking parts. In fact, the last city I went to is now completely under control of rebels and airport I flew out of in Donnetsk doesn't exist any more. While I do still have mostly good memories of being there, I can tell you that in general the people in Ukraine are a lot less honest than you'll find by default in Western Europe. This is especially true in Russian speaking regions. I regard it as a holdover legacy of the Soviet Union and its collapse. The Soviet Union essentially legalized bribery by not caring enough to punish people who took bribes. And the collapse of the Soviet Union resulted in a bunch of greedy, low class Communist Party connected individuals who grabbed formerly state run businesses for pennies on the dollar and manipulated those into vast personal fortunes. So a lot of Ukrainians have learned that corruption is everywhere, nobody wants to stop it, and everybody who gets ahead cheated their way to the top. It could be that people who've always lived there are still there and exploiting the situation or it could be new people are exploiting it or this is being done to fund the Russian government sending weapons across the border. All I can say is that with the chaos and anarchy currently in that part of Ukraine that whoever is doing it is probably never going to be stopped by whoever is in charge as they're likely paying those people off.

Re:why is it always the russians

[Agripa]

or more likely the owners and staff were gunned down or driven off by the civil war, leaving the doors open and business office available for other sundry activities.

And if that happened at AT&T/Verizon would it even make the news?

The rooms with the NSA gear to tap all AT&T communications made the news and nobody cared.

What about a Kickstarter/GoFundMe campaign?

[Required+Snark]

How much is a delivered Tomahawk with the self guided air delivery option?

Re:What about a Kickstarter/GoFundMe campaign?

[oldcarsmell]

Yeah, I'm sure our president-elect would be all for taking military action against his good buddy Vlad

Diplomatic trouble

[manu0601]

Bringing on international police cooperation will not work, as Ukraine does not control that territory.

That creates a difficult diplomatic situation: in order to get a result, one country has to recognize the region's sovereignty. Or alternatively, one can blacklist the offending IPs

Can't be Russia.

LALALALALA cant hear you, Vlad would never do anything like this and wouldn't allow his people to do it either. Wouldnt want to make Vlad or his puppets mad. I wouldnt want to get my tea poisoned with thallium.

Re:About time for some drone stikes

[ISoldat53]

7-11 that's who

Results of world policy

[NuclearCat]

Don't be surprised, if everybody decide to demonize and ignore civil rights of some part of world for sake of "keep irritating russia" and "let's assume as humans only friendly to us dudes", definitely those in war zone will become even more rogue and do more and more nasty things.
Keep in mind, skilled IT workers there, and they need earn for living, so for sure some of them will fall in hands of gangs.

Re:Results of world policy

I'm sorry but "keep irritating Russia" ? You mean the country who invaded a sovereign country and annexed one part of the country while supporting those fighting a civil war for control of the rest of the country. Putin is a pathological liar who makes damn sure every media outlet in the country reports only what he wants them to report. He supplied the anti-aircraft missile battery to the ass hats who promptly used it to shoot down a commercial airplane. Russian troops get captured and paraded on TV and Russia throws them under the bus. Why are so many Russian soldiers fighting in the Ukraine? Well according to Putin they are all on vacation since he has not ordered them there. Oh and Putin's little adventure into Ukraine shows that giving up your nuclear weapons because you were promised military protection is utter bullshit.

Russia is not a world power and all of Putin's "look at me antics" is just posturing from an ex-KGB officer pining for a return to the old USSR. To be a world power you need more than a bunch a nuclear weapons. Nuclear weapons are already taken out of the equation because the MAD deterrent is still in effect. Their conventional forces are a shadow of what they once were. To be a world power you need a credible military and a lot of money. California has a higher GDP than Russia. Compared to the US and China the Russians are a 3rd world country economically.

The Russians had 6 more of their wealthiest oligarchs black balled by the US last week. Any banking or finance related business providing finance services to those sanctioned will lose their access to the US financial markets. Meanwhile the US is working diligently at keeping the price of oil as low as possible which puts a real crimp in Russia's ability to generate hard currency.

And why do people think Russian or Chinese hacking is something they do better than the US? You never hear Russia or China complaining about US hacking so there are several possibilities.
1. The US is not capable of duplicating or surpassing Russian and Chinese hacking efforts.
2. The US is just not conducting any offensive or defensive cyber intrusions.
3. The US efforts are so successful that the Russians and Chinese have no idea what is compromised and what is not.

I am pretty sure one or more US intelligence agencies could use some of their tools to make sure Russia understands the consequences of their actions. The most probable reason they have not retaliated in the cyber world is that they do not want to advertise their capabilities and save them for something more important.

Spamhaus Block List has these guys

https://www.spamhaus.org/sbl/query/SBL190623

Just block the whole ISP and call it a day

Re:Spamhaus Block List has these guys

[Serif]

Agreed.

Other useful information for those that can make use of it.

AS43765
91.200.12.0/22

There is no civil war in Ukraine

[Z_God]

The idea that there's a civil war in Ukraine comes from Russian propaganda. There's actually a war against Russia going on there. The people who initiated it and the people on which it relies today all have Russian citizenship.

Re:There is no civil war in Ukraine

Ukraine isn't Russia. They have no intention of invading anyone. They want their country to be de-Finlandized, and to have the opportunity to develop socially and politically, without Russian interference. Unfortunately, Russia is an ultranationalist dictatorship, and they consider the former Soviet republics to be Russian property, so they feel like they can't allow that to happen. Ukraine will eventually win, but the question is: how much damage will Russian fascism cause before that happens?

Re:There is no civil war in Ukraine

That's a load of rubbish. Nazi/fascist political philosopher Dugin is an advisor to Putin's closest advisors, and his philosophy has become more or less mainstream. Russia annexed Crimea on nationalist grounds, very similar to what Hitler used to justify his Sudetendland annexation. Putin even said things along the lines of "Crimea is sacred Russian land" - you just don't hear stuff like this anymore from civilized countries. This was supported by over 80% of the Russian population. Many (most?) Russians still consider Ukraine and Belarus to be Russian territory. That's nationalism.

In Ukraine, the "nationalist" parties (Svoboda, and Pravy Sektor), whose "nationalism" mostly consists in wanting to be free of malicious Russian influence, have almost no representation in the parliament. In part, thanks to Russia's sponsorship of ultranationalist parties all over Europe (AfD, National Front, Golden Dawn, Jobbik - I could name major Russia-sponsored far-right parties all day, but you get the point), Ukraine is easily one of the least nationalistic countries in Europe. In fact, the Trump election reveals that Ukraine is even less nationalist than the US. The only way that you can call Ukraine nationalist is if you subscribe to the insane Russian ultranationalist notion that Ukraine's desire to de-Finlandize itself is somehow tantamount to nationalism.

Low and behold, is there your smoking gun?

[MxMatrix]

Did you know donald trump emphasizes with these pro-russians? Perhaps the allegations to the russian government aren't that far fetched at all and did these hacktivists disrupt the democratic party's campaign on purpose.

There is no civil war in Ukraine, stop lying

[vityok]

UN GA just days ago adopted a resolution finally admitting that Ukraine is a victim of the Russian military agression. Crimea is now an internationally recognized ocuppied region. The war in the eastern parts of the country is also between two nation-states: Ukraine and Russia. Claims about a "civil war" are distilled Fake News, a lie, Kremlin's disinformation.

Re:There is no civil war in Ukraine, stop lying

[packrat0x]

The problem is that the Ukrainian government does not recognize an
individual's God-given right of freedom of speech, freedom to peaceably
assemble, fredom of religion; or their right to bear arms. It was very sad to see
Ukrainians helpless against Russian invaders, since most Ukrainians aren't
allowed to possess firearms. Ukraine does not have citizen soldiers, it has
serfs ruled over by professional soldiers with a sham Democracy. The only real
difference the invasion has made is a change in language of the oppressor.

Re:There is no civil war in Ukraine, stop lying

[mi]

As an American [...]

Quit lying. You are not an American. You are posting from Olgino or some such place for Putin's shilling.

Re:There is no civil war in Ukraine, stop lying

[mi]

Ukrainian government does not recognize an individual's God-given right of freedom of speech, freedom to peaceably assemble, freedom of religion; or their right to bear arms

Actually, the recognition of these rights is not noticeably worse in Ukraine, than in the US.

Ukraine does not have citizen soldiers

Dude, who do you think stopped the Russian invasion from taking over the rest of Ukraine? Back in 2014 the official military was in such disarray, they could be stopped by brainwashed villagers — it was the hastily self-organized volunteer units...

Most have now been integrated into the rebuilt official military, but in 2014 it was them, who cauterized the gangrene...

Re:There is no civil war in Ukraine, stop lying

Take your Orwellian idiocy and Russian agitprop back to ZeroHedge, or some similar forum for degenerates. The Ukrainian public bravely stood up for democracy, by preventing Yanukovych from imposing the January 16th "Dictatorship Laws" (handed down to him by Russia, after one of his multiple "consultation" trips during that time) - http://www.civicsolidarity.org....

Yanukovych was legitimately elected, but he used his powers to subvert every level of every democratic institution in Ukraine. Because the Ukrainian public dared to defend democracy through a popular revolution, Putin saw this as a personal threat. He responded by invading Crimea, which appealed to the Russian public's inherent nationalism and imperialism. Ever since then, Ukraine and Russia have been at war with each other.

Re:There is no civil war in Ukraine, stop lying

[orient]

Actually, God did not give humans rights, He gave laws, very harsh laws and limited the right to speak to God prising only. The real freedom of speech, speaking against God, was to be punished by death.

Re: About time for some drone stikes

[jfdavis668]

They tried that already back in 2001. Didn't work.

Re:Trump to the Rescue...

[Talderas]

consumers can expect

* higher internet bills
* worse customer service
* fewer choices

If American consumers with one choice of ISP have fewer choices then how can they have higher bills and worse customer service?

Blame the RED Menace :)

[khz6955]

Why is it I don't believe any of this?

Explaining Russian-Ukrainian conflict to Yanks

[mi]

UN GA just days ago adopted a resolution finally admitting that Ukraine is a victim of the Russian military aggression.

For better or worse, the part of the United States' electorate, to whom you want to appeal, view the United Nations with skepticism. So, instead of appealing to a questionable authority, try the following argument...

Imagine, Americans, Mexican government declaring Trump's election "a coup", his assemblage of generals — a junta, which placed the Latinophobic Nazi in power, contrary to the wishes of most Americans. Out of concern for the brotherly nation, Mexican government is encouraging volunteers to cross into California, Arizona, and Texas to help the local Spanish-speaking "self-defense" militias protect themselves against the White English-speaking bigots, who've persecuted the Spanish-speaking minority for years. In places stolen from Mexico before, these polite volunteers in military uniforms without any official insignia are already organizing a referendum to leave the US and join Mexico.

Patriotic Americans attempting to resist the invasion are denounced as racists and shot at with military-style efficiency. Although officially Mexico is not a party to this "civil war", its troops are regularly encountered on the battlefields — all of them are then found to have been "on leave" from their units. Artillery bombardment of American forces seems to originate from across the border, but no one can say for sure.

Would you still say, it is a civil war — Americans fighting other Americans?

Re:Explaining Russian-Ukrainian conflict to Yanks

[javilon]

Please mod parent up

Re:Explaining Russian-Ukrainian conflict to Yanks

[moeinvt]

That's one of the best /. analogies ever. Well done. We've even got the allegations of a third-party facilitating the coup.

Assuming that the objective of Hispanic forces in those states is to exit the USA and join Mexico, I would not call it a "civil war". IMO, the term "civil war" should be reserved for situations where two or more factions within a nation are fighting to seize power over the whole nation. By the same token, I refuse to refer to the 1861-1865 war in the USA as a "civil war" because the South was not trying to take over Washington DC, but simply to break away. Your scenario is very similar except for the aid of Mexican military forces.

I'd hope that the states in the Southwest would at least attempt to exit the USA by referendum or a vote of their state legislatures before initiating hostilities though. Hell, with Trump in power, you'd get millions of white English-speakers on the Hispanic side.

Re:Explaining Russian-Ukrainian conflict to Yanks

[mi]

would not call it a "civil war". IMO, the term "civil war" should be reserved for situations where two or more factions within a nation are fighting to seize power over the whole nation [...] I refuse to refer to the 1861-1865 war in the USA as a "civil war" because the South was not trying to take over Washington DC

You are wrong, the term "civil war" in English means:

a war between factions in the same country

Note, that the objective does not matter... Wikipedia's expanded definition and explanation says:

A civil war is a war between organized groups within the same state or country, or, less commonly, between two countries created from a formerly united state. The aim of one side may be to take control of the country or a region, to achieve independence for a region or to change government policies.

No, what disqualifies Russian-Ukrainian conflict from being a "civil war" is that Russia — a foreign power — is among the belligerents.

Re:Explaining Russian-Ukrainian conflict to Yanks

[moeinvt]

How can I be wrong when I said it was my opinion that the term should be used more narrowly?

"...a war between factions in the same country..."

In the OP's hypothetical scenario, hostilities have erupted before any legal separation, so I suppose there's an argument for using the term, even though separation is the goal. When The South legally seceded from the union however, it was no longer the same country, thus, according to that definition, the 1861-1865 conflict was not a "civil war".

I must disagree with the Wikipedia definition that includes: "war ... between two countries created from a formerly united state". Winners write the history books and apparently they author the Wikipedia articles too. If the Czech Republic and Slovakia went to war, would that be called a "civil war" as well? Think about Sudan. They fought two "civil wars" lasting 20+ years each, but then ended up splitting into two countries by a referendum in the South. If they started fighting again, would it be "civil war 3" or something else?

If the intervention of foreign powers changes a "civil war" into a !"civil war", I think the terminology becomes hopelessly confused. I've certainly never heard the Korean War referred to as "The Korean Civil War", even though there were no foreign powers involved in the beginning. The USA is arming & training rebels in Syria and the Russians are providing air support for the government, but it's still regularly referred to as "The Syrian Civil War".

To me, a war in which one faction is fighting for political and territorial independence seems very different than a war in which both factions are fighting to control a central government. So different that a single label feels imprecise. I'm only going to use "civil war" for the latter type of conflict.

Re:About time for some drone stikes

[mi]

Russia has developed means to fool American drones — including the recently-supplied by the US analog Ravens.

They aren't completely useless, but they don't rule the skies either.

Semantics

[mi]

How can I be wrong when I said it was my opinion that the term should be used more narrowly?

It is wrong to change the very meaning of a word and then argue, other people aren't using it correctly.