Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Mobile Vulnerabilities

  • Zero-Day Alerts

  • Recent Posts

  • Calendar

    March 2013
    S M T W T F S
    « Feb   Apr »
  • Email Subscription

  • About Us

    Archive for March 29th, 2013

    Hacktivism and crime is a toxic combination for the health of the Internet. This was shown once again in the recent DDOS attack against that peaked at 300 Gbit/s. Spamhaus is a non-profit anti-spam organization that helps to filter spam for millions of Internet users. When Spamhaus goes down a lot of inboxes will be flooded with spam.

    The DDOS attack was allegedly orchestrated by a Dutch webhosting company called Cyberbunker and CB3Rob. This webhosting company has roots in the hacker scene and has hosted Wikileaks and the Pirate Bay in the past. Cyberbunker claims to have a datacenter in a former NATO bunker in the Netherlands. It is not clear whether that is still true today, and what exact role Cyberbunker had in the DDOS attack against Spamhaus. The owner of Cyberbunker/CB3Rob does act as the spokesman of an attack that tries to blast a company away from the Internet as if that is a normal job. Here is where so called hacktivism on the Internet has derailed totally. The boundary between crime and hacktivism has been blurred. A reality check for Cyberbunker is in order.

    Spamhaus claims that Cyberbunker/CB3rob is among the worst webhosting companies in the world. We do see problems ourselves too, but we wouldn’t rate CB3Rob as the worst webhosting company. However, CB3Rob claims that it will host anything except things related to child abuse and terrorism. This may be inspired by an idealistic view that anybody should have an uncensored access to the Internet and inspired cybercriminals as well. This is where hacktivism meets crime – a toxic combination.

    A good illustration that crime corrupts hacktivsm is that the network of Cyberbunker has been used in a BGP hijack of an IP address of a DNS server of Spamhaus ( The DNS servers of Spamhaus are a vital part of its antispam protection. The hijack was an attempt to inject lots of false positives into the spam reputation system of Spamhaus. Though this hijack did not cause a lot of damage as most networks did not accept the hostile BGP announcement, the intention was clear: someone using Cyberbunker/CB3Rob’s network tried to sabotage the spam reputation system of Spamhaus. It does not resemble hacktivism, but rather resembles crime.

    Read the rest of this entry »



    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice