After receiving information that the RBN malware bastion, HostFresh (aut-num: AS23898 as-name: HOSTFRESH-AS-AP), was in the process of being depeered, I decided to track fleeing malware domains.
During the takedowns of Atrivo, McColo and UkrTelegroup, we observed domains being migrated to other IP ranges, as the owners sought to keep their criminal enterprises alive.
As of Sunday morning 29 March 2009, 61% of the 18 malware domains that I sampled had been migrated:
During the takedowns of Atrivo, McColo and UkrTelegroup, we observed domains being migrated to other IP ranges, as the owners sought to keep their criminal enterprises alive.
As of Sunday morning 29 March 2009, 61% of the 18 malware domains that I sampled had been migrated:
Read more
http://securehomenetwork.blogspot.com/2009/03/rbn-domains-fleeing-hostfresh.html
Posts
No comments:
Post a Comment