
Submission: Hotbed of Cybercrime Activity Tracked Down to ISP in Ukrainian Civil War Region (bleepingcomputer.com)

An anonymous reader writes: Last week, WordPress security firm WordFence revealed it detected over 1.65 million brute-force attacks originating from an ISP in the Ukraine that generated more malicious traffic than GoDaddy, OVH, and Rostelecom put together.

A week later, after news of WordFence's findings came to light, Ukrainian users have tracked down the ISP to a company called SKS-Lugan in the city of Alchevs'k, in an area controlled by pro-Russian forces in eastern Ukraine.

All clues point to the fact that the ISP's owners are using the chaos created by the Ukrainian civil war to host cyber-crime operations on their servers. Some of the criminal activities the ISP hosts, besides servers for launching brute-force attacks, include command-and-control servers for the Locky ransomware, [email, comment, and forum] spam botnets, illegal streaming sites, DDoS stressers, carding sites, several banking trojans (Vawtrak, Tinba), and infostealers (Pony, Neurevt).
