Monday, October 31, 2022

Profiling a Russia-Based Bulletproof Hosting Provider - An Analysis







It should be clearly noted that in today's modern cybercrime ecosystem which is largely driven by the existence of bulletproof hosting providers which basically either ignore abuse notifications or on purposely launch rogue and fraudulent online hosting operations using their own resources or in combination with cloud-based service providers who unknowingly participate in such type of fraudulent and rogue bulletproof hosting schemes including actual malicious software spam and botnet C&C hosting we've continuing to observe an increase in the overall volume of these providers where we're also witnessing their use by both novice and experienced cybercriminals where the ultimate goal would be to increase the average time it takes for vendors organizations and researchers to take offline their rogue fraudulent and malicious campaigns.

In this post I'll discuss several of the high-profile bulletproof hosting providers that were active circa 2010 and I'll provide some actionable intelligence on the infrastructure behind them with the idea to assist everyone in their cyber attack and cyber campaign attribution efforts.
Sample screenshots include:





Related bulletproof hosting providers that were active back in 2010 include:
hxxp://securehost.com
hxxp://ccihosting.com
hxxp://wrzhost.com
hxxp://underhost.com
hxxp://shinjiru.com
hxxp://offshorehosting.com
hxxp://offshoreracks.com
hxxp://hostimizer.com
hxxp://zentek-international.com
hxxp://anonhoster.com
hxxp://webcare360.com
hxxp://altushost.com
hxxp://anonymoushosting.org
hxxp://nodmca.nl
hxxp://goip.com
hxxp://serverslease.net
hxxp://e-investhost.com
hxxp://eukhost.com
hxxp://adulthosting.com
hxxp://webhostingchoice.com
hxxp://adulthostingservers.com
hxxp://hostsearch.com
hxxp://adult-host.ru
hxxp://layeredlink.ru
hxxp://xlhost.ru
hxxp://park-web.ru
hxxp://web750.com
hxxp://cirtexhosting.com
hxxp://wlw.su
hxxp://warez-host.com
hxxp://abuzhost.ru
hxxp://peterhost.ru
hxxp://fastvps.ru

Stay tuned!

No comments:

Post a Comment