Throughout 2011, internet users faced numerous threats as organizations large and small fell foul of attacks on their systems, leading several commentators to brand 2011 ‘the year of the data breach’. There were some truly shocking revelations about large-scale data breaches, with many questions still outstanding on the ‘who, where and why.’ The year ended as it began, with yet another data breach of epic proportions: more than 75,000 credit card numbers and 850,000 usernames and passwords were stolen from strategic forecaster ‘Stratfor’.
New threats in 2011 included the appearance of the first smartphone infections with botnet-like attributes, bringing the reality of a ‘pocket botnet’ ever closer. 2012 will see more of the same, as the growing popularity of the smartphone as the device of choice for accessing the internet ensures that cybercriminals will make it their target in pursuit of financial gain. There is a special feature on this subject in HE’s Q4 2011 report (http://hostexploit.com/
Featured too in the report is an overview of the analysis performed on the ‘Dirt Jumper’ DDoS botnet by newly-formed security group DeepEnd Research – a fusion of independent, experienced and highly-respected researchers.
As a regular feature, the HE Bad Hosts report identifies which hosts have the most malicious activity in terms of delivering botnets, spam, phishing, exploits, viruses, etc., via their servers. Each category has its own clearly reported analysis which, when combined, gives an overview of where internet badness is located.
Highlights from the Q4 2011 report include a new “#1 Bad Host”: Lithuanian (LT) AS47583 Hosting Media supporting some of the worst types of threats including several botnet-related activities such as Zeus as well as C&C servers, exploit servers, phishing servers, malware and badware.
It is our opinion that publicizing information in this fashion helps service providers to gauge their own levels of ‘badness’ and to compare their performance against other providers, and that it serves as an alert or early warning about a problem that time-pressured hosting providers may have overlooked.
Additionally, HE firmly believes it makes sense for hosting providers to be proactive and to engage in self-regulation. After all, it makes no economic sense to gain a bad reputation.
By highlighting the ‘bad’ hosts, who put money before concern for the safety of Internet users, we can raise awareness among webmasters and domain owners. Armed with this information they can make an informed decision about where to host their websites. Hosting providers will thus be provided with an incentive to stay clean in a highly competitive market.
Further analysis on individual Autonomous Systems (ASN), for example AS47583 Hosting Media, can be downloaded from our website www.sitevet.com.
Note: Every reasonable effort has been made to ensure that the source data for this report was up to date, accurate, complete and comprehensive at the time of the analysis.
About HostExploit.com (http://hostexploit.com)
HostExploit provides open source intelligence on cyber security issues and cybercriminal operations. By providing analysis of all the public Internet servers worldwide, the quarterly Top Bad Hosts reports and daily SiteVet updates aim to maximize awareness among hosts, registrars, governmental and cyber security researchers.
About Group-IB (http://group-
Group-IB is Russia and the CIS’s (Commonwealth of Independent States) leading computer security company, specializing in the investigation of computer crime, information security breaches, and computer forensics.
CERT-GIB, which operates on the basis of Group-IB, is the first private computer emergency response team in Russia. CERT-GIB provides clients with comprehensive support in minimizing informational risks, consisting of technical, organizational, and legal advice.