By Robert McMillan
IDG News Service
It's a great deal, if you're a spammer.
You pay US$700 to use a server in China that lets you send all the spam
you like. It's called bulletproof hosting, and to the people who fight
spam and cybercrime it's becoming a big problem.
Cybercriminals use these services not just to host servers, but also to
register Internet domain names that they use for spam and online
attacks. In a three-month period this year, researchers at the
University of Alabama at Birmingham traced more than 22,300 domains, all
used to send online pharmaceutical spam, to just six bulletproof
computers hosted in China, said Gary Warner, director of research in
computer forensics at the university.
The Waledac Trojan, which uses clever social-engineering techniques to
spread itself, has been using bulletproof domain names to keep itself
alive, Warner said. "We had over 70 domains that the entire community
worked their butts off and tried for four months to try to shut," he
said. "Because we can't shut down the domain names we can't shut down
the spread of the virus."
Bulletproof domain-name registration is even cheaper than bulletproof
servers. A criminal can anonymously register a bulletproof domain for
LayerOne 2009, Information Security for the discerning professional.
May 23-24 2009 @ The Anaheim Marriott in Anaheim, California
Visit http://layerone.info for more information