Subscribe to RSS feeds


Nov7
by Feike Hacquebord (Software Engineer)

Yesterday, the infamous Russian Business Network (RBN) dropped out of the Internet at around 7 PM PST. Since then, IP addresses of RBN can no longer be reached because there is no routing for them any longer. It could be that the upstream providers who provided RBN with Internet connectivity may have terminated their services to their problematic customer temporarily or (hopefully) even permanently. Trend Micro will continue to closely monitor whether RBN remains down.

The Russian Business Network is notorious for hosting lots of malware and Web browser exploits. These threats have been injected into thousands of legitimate Web sites. Customers of RBN abuse the latest exploits for their nefarious purposes. The most recent example is a security issue in Adobe’s Acrobat Reader that was fixed only a few weeks ago.

That RBN, currently, has no Internet connectivity means that the Web is a somewhat safer place today. Unfortunately, this may not be for long. RBN may find new upstream providers. In recent weeks, moreover, Trend Micro has seen equivalents of RBN pop up in Turkey and Taiwan. These hosting providers seem to have the same kind of customer base as RBN. Thus, even if RBN drops off of the Internet permanently, its customers might find a new home soon. TrendLabs is also closely monitoring the activities in the mentioned new suspicious networks.



This entry was posted on Wednesday, November 7th, 2007 at 5:08 am and is filed under Botnet, Malicious Websites, News . Responses are closed, but you can trackback from your own site.



4 Responses to “RBN goes *Poof*”

  1. System Advancements at the Monastery » Blog Archive » The Russian Business Network is Moving to China? Says:
    November 7th, 2007 at 8:14 pm

    [...] indications that a huge swath of Internet space recently established in China may soon emerge as the next incarnation of the Russian Business Network. If Spamhaus’s assumptions are correct, RBN’s new home would include several times more [...]

  2. Open Mind Blog » Blog Archive » Das Böse isoliert Says:
    November 8th, 2007 at 9:54 am

    [...] werden die Webseiten und Dienste über kurz oder lang wieder erreichbar sein, denn Trentmicro berichtet, dass es mittlerweile auch in der Türkei und in Taiwan ähnliche Angebote gibt, auf die [...]

  3. SecureLAB’s IT Security Blog » Das Internet zur Zeit ziemlich sicher? Says:
    November 12th, 2007 at 6:00 am

    [...] Trend Micro spekuliert in ihrem Blog darüber, dass das Internet ein bisschen sicherer sei (Link). Jedoch ist es sicherlich nur eine Frage der Zeit, bis das RBN neue Upstream-Provider findet, [...]

  4. rbn Says:
    May 31st, 2008 at 4:19 am

    [...] then, IP addresses of rbn can no longer be reached because there is no routing for them any longer.http://blog.trendmicro.com/rbn-goes-poof/RBN - Wikipedia, the free encyclopediaRBN may refer to:. Revolution By Night, a UK-based electronic [...]


When Terrorists Come Out to Play
Just Got Unlucky


 
TrendWatch Hijack This Security Tips for Consumers
Free Online Virus Scan Rootkit Buster Submit Suspicious Files
Global Malware Map RUBotted? Trend Micro
Glossary of Threat Terms

 
© Copyright 2008 Trend Micro Inc. All rights reserved. Legal Notice