Russian Business Network

The Russian Business Network (commonly abbreviated as RBN) is a multi-faceted cybercrime organization, specializing in and in some cases monopolizing personal identity theft for resale. It is the originator of MPack (software) and an alleged operator of the Storm botnet. [ [http://rbnexploit.com Russian Business Network (RBN) ] ] [ [http://isc.sans.org/diary.html?storyid=3015 SANS Internet Storm Center; Cooperative Network Security Community - Internet Security - isc ] ] [ [http://www.verisign.com/security-intelligence-service/current-intelligence/research-reports/index.html?reportRequest=08.08.07%20:%20Uncovering+Online+Fraud+Rings%3A+The+Russian+Business+Network Topical Research Reports - Security Intelligence from VeriSign, Inc ] ] The RBN, which is notorious for its hosting of illegal and dubious businesses, originated as an Internet Service Provider for child pornography, phishing, spam, and malware distribution, physically based in St. Petersburg, Russia. More recently it has developed partner and affiliate marketing techniques in many countries to provide a method for organized crime to target victims internationally. [ [http://www.washingtonpost.com/wp-dyn/content/article/2007/10/12/AR2007101202461.html Shadowy Russian Firm Seen as Conduit for Cybercrime, Brian Krebs, Washington Post, 2007-10-13 ] ]

Activities

The RBN has been described as "the baddest of the bad". It offers web hosting services and internet access to all kinds of criminal and objectionable activities, with individual activities earning up to $150,000,000 in one year. [ [http://technology.timesonline.co.uk/tol/news/tech_and_web/the_web/article2844031.ece Cybergang raises fear of new crime wave] ] Businesses that take active stands against such attacks are sometimes targeted by denial of service attacks originating in the RBN network. [ [http://economist.com/displaystory.cfm?story_id=9723768 A walk on the dark side, The Economist, 2007-09-30 ] ] RBN has been known to sell its services to these operations for $600 per month.

The business is difficult to trace. It is not a registered company, and its domains are registered to anonymous addresses. Its owners are known only by nicknames. It does not advertise, and trades only in untraceable electronic transactions.

One increasingly well-known RBN activity is exploit delivery through fake anti-spyware and anti-malware products, used for PC hijacking and personal identity (ID) theft. [ [http://ddanchev.blogspot.com/2007/10/russian-business-network.html Dancho Danchev's Blog - Mind Streams of Information Security Knowledge: The Russian Business Network ] ] According to McAfee’s SiteAdvisor, MalwareAlarm is dangerous fake anti-spyware software and an updated version of Malware Wiper. They tested 279 “bad” downloads from this one site. [ [http://www.siteadvisor.com/sites/malwarealarm.com malwarealarm.com | Web Safety Ratings from McAfee SiteAdvisor ] ] The method is to entice the user with a “free download” that tests the PC for spyware or malware; MalwareAlarm then displays a warning message about problems on the PC to persuade the unwary website visitor to purchase the paid version. Along with MalwareAlarm, numerous other rogue software products are linked to and hosted by the RBN. [ [http://rbnexploit.blogspot.com/2007/10/rbn-top-20-fake-anti-spyware-and-anti.html Russian Business Network (RBN): RBN – The Top 20, fake anti-spyware and anti-malware Tools ] ]

In the 2007 cyber threat matrix developed by Spy-Ops, RBN was ranked number 4 in the development and sale of cyber attack weapons.

According to Spamhaus, RBN is “Among the world's worst spammer, child-pornography, malware, phishing and cybercrime hosting networks. Provides "bulletproof hosting", but is probably involved in the crime too”. [http://www.spamhaus.org/rokso/listing.lasso?-op=cn&spammer=Russian%20Business%20Network] RBN was the subject of an article [ [http://www.washingtonpost.com/wp-dyn/content/article/2007/10/12/AR2007101202461_pf.html Shadowy Russian Firm Seen as Conduit for Cybercrime ] ] in the Washington Post on October 13, 2007, in which Symantec and other security firms claim RBN provides hosting for many illegal activities, including identity theft and phishing. The article quotes a spokesman for Kaspersky Labs as saying that the owners of RBN might not have directly violated the law, as they primarily provide hosting services; their customers are apparently the ones violating laws.

Organization

The RBN also operates under several other names, which could conventionally be regarded as international business or operating divisions. These core operations apparently have no geographical base; a few show a physical location, but the validity of these is doubtful. [http://www.spamhaus.org/rokso/evidence.lasso?rokso_id=ROK7465] [ [http://rbnexploit.blogspot.com Russian Business Network (RBN) ] ]
*RBNet
*RBNetwork
*RBusinessNetwork
*iFrame Cash
*SBT Telecom Network (Seychelles)
*Aki Mon Telecom
*4Stat
*Eexhost
*Rusouvenirs Ltd.
*TcS Network (Panama)
*Nevcon Ltd. (Panama)
*Micronnet Ltd. (St. Petersburg, Russia)
*Too coin Software (UK)
*76service
*MalwareAlarm

Political Connections

It has recently been alleged that the founder and leader of the organization, known as 'Flyman', is related to a "powerful and well-connected" Russian politician. [ [http://www.guardian.co.uk/technology/2007/nov/15/news.crime Hunt for Russia's web criminals | Technology | The Guardian ] ] In light of this, it is entirely possible that recent cyber-terrorism activities, such as the denial of service attacks on Estonia in May 2007 [ [http://www.guardian.co.uk/international/story/0,,2081357,00.html Russia accused of unleashing cyberwar to disable Estonia | World news | The Guardian ] ] and on Georgia in August 2008 [ [http://rbnexploit.blogspot.com/2008/08/rbn-georgia-cyberwarfare.html RBN-Georgia cyberwarfare] (RBNexploit blog)] , may have been co-ordinated by or out-sourced to such an organization. Although this is currently unproven, intelligence estimates suggest this may be the case. [ [http://www.theage.com.au/news/security/the-hunt-for-russias-web-crims/2007/12/12/1197135470386.html The hunt for Russia's web crims - Security - Technology - theage.com.au ] ]

External links

* RBNexploit - The RBN watch-blog that provides detailed information on the RBN [http://rbnexploit.blogspot.com/]
* Spamhaus – Rokso listing and description of RBN activities [http://www.spamhaus.org/rokso/listing.lasso?-op=cn&spammer=Russian%20Business%20Network]
* StopBadWare - RBN User's Guide [http://groups.google.com/group/stopbadware/browse_thread/thread/f6d908519cc04432?hl=en]
* Verisign / iDefense - Uncovering Online Fraud Rings: The Russian Business Network [http://www.verisign.com/security-intelligence-service/current-intelligence/research-reports/index.html?reportRequest=08.08.07%20:%20Uncovering+Online+Fraud+Rings%3A+The+Russian+Business+Network]
* Emerging Threats - Blocking Rules and Snort Signatures for RBN Networks [http://www.emergingthreats.net/content/view/16/38/]
* RBN Study - bizeul org - PDF [http://www.bizeul.org/files/RBN_study.pdf]
* Shadowserver - RBN as RBusiness Network AS40898 - Clarifying the guesswork of Criminal Activity - PDF [http://www.shadowserver.org/wiki/uploads/Information/RBN-AS40989.pdf]

News

* Aug 17 2007 [http://www.cio.com/article/135500/2 Who's Stealing Your Passwords? Global Hackers Create a New Online Crime Economy] from CIO
* Aug 30 2007 [http://economist.com/displaystory.cfm?story_id=9723768 A walk on the dark side] from Economist
* Sep 04 2007 [http://news.zdnet.co.uk/security/0,1000000189,39289057,00.htm Infamous Russian ISP behind Bank of India hack] from ZDNet
* Oct 13 2007 [http://blog.washingtonpost.com/securityfix/2007/10/mapping_the_russian_business_n.html Mapping the Russian Business Network] from "Washington Post", Brian Krebs
* Oct 13 2007 [http://blog.washingtonpost.com/securityfix/2007/10/taking_on_the_russian_business.html Taking on the Russian Business Network] from "Washington Post", Brian Krebs
* Oct 15 2007 [http://www.wired.com/politics/security/news/2007/10/russian_network Russian Hosting Firm Denies Criminal Ties, Says It May Sue Blacklister] from "Wired", Ryan Singel
* Nov 07 2007 [http://www.pcworld.com/article/id,139442-c,cybercrime/article.html Major Russian Malware Site Goes Offline] from "PC World", John E. Dunn
* Nov 08 2007 [http://www.theregister.co.uk/2007/11/08/rbn_offline The Register: Controversial RBN drops offline] from "The Register"
* Nov 08 2007 [http://www.networkworld.com/news/2007/110807-major-russian-crime-hub-suddenly.html?nlhtsec=1105securityalert5&&nladname=110907securityal Major Russian crime site suddenly dies] from "Network World"
* Nov 10 2007 [http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9046299&pageNumber=1 Infamous Russian Business Network may be breaking into smaller bits] "Computerworld Security" Gregg Keizer
* Nov 13 2007 [http://business.timesonline.co.uk/tol/business/industry_sectors/technology/article2841087.ece 'Mother of all cybercrime' vanishes from the web] from "Times Online"
* Nov 15 2007 [http://www.guardian.co.uk/technology/2007/nov/15/news.crime 'Hunt for Russia's Web Criminals'] from "The Guardian: Technology"
* Nov 20 2007 [http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9048019&pageNumber=1 'Hackers jack Monster.com'] "Computerworld Security"
* Nov 28 2007 [http://news.independent.co.uk/sci_tech/article3201842.ece 'Cybercrime: Uncovered'] from "The Independent"
* Dec 09 2007 [http://observer.guardian.co.uk/magazine/story/0,,2222935,00.html 'Four million Britons have fallen victim to identity fraud'] from "The Observer"
* Dec 13 2007 [http://www.smh.com.au/news/security/the-hunt-for-russias-web-crims/2007/12/12/1197135470386.html 'Russia's web crims'] from "Sydney Morning Herald"
* Dec 21 2007 [http://www.dailymail.co.uk/pages/live/articles/live/live.html?in_article_id=503898&in_page_id=1889 'Do you know what your PC is up to?'] from "Daily Mail"
* Jan 31 2008 [http://www.thefirstpost.co.uk/?storyID=15281 'Russians behind zombie PC threat'] from "The First Post"
* Feb 19 2008 [http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9063418 'Russian hosting network running a protection racket'] from "Computerworld Security" Gregg Keizer
* Jun 16 2008 [http://www.itbusiness.ca/it/client/en/home/News.asp?id=48833 'There's a cyber war looming and we're doing little about it'] from "ITbusiness.ca" Nestor E. Arellano

Internet comments

* Mar 02 2007 Dusting my brain [http://dustingmybrain.com/archives/002375.html Go Away, Russian Business Network!]
* Jun 20 2007 ISC Sans - [http://isc.sans.org/diary.html?storyid=3015 MPack Analysis and its derivation from the RBN]
* Oct 18 2007 Dancho Danchev [http://ddanchev.blogspot.com/2007/10/russian-business-network.html Russian business network]
* Nov 08 2007 Trend Micro Malware Blog - [http://blog.trendmicro.com/rbn-goes-poof Reported the RBN going offline]
* Nov 16 2007 Spamhaus - [http://www.spamhaus.org/news.lasso?article=617 RBN as Chinese as Caviar & Borscht]
* Jan 09 2008 McAfee Avert Labs - [http://www.avertlabs.com/research/blog/index.php/2008/01/09/the-russian-business-network-is-on-tenterhooks The Russian Business Network is on tenterhooks]

See Also

*List of spammers


Wikimedia Foundation. 2010.
