Profiling a Russia-Based Bulletproof Hosting Provider - An Analysis

It should be clearly noted that in today's modern cybercrime ecosystem which is largely driven by the existence of bulletproof hosting providers which basically either ignore abuse notifications or on purposely launch rogue and fraudulent online hosting operations using their own resources or in combination with cloud-based service providers who unknowingly participate in such type of fraudulent and rogue bulletproof hosting schemes including actual malicious software spam and botnet C&C hosting we've continuing to observe an increase in the overall volume of these providers where we're also witnessing their use by both novice and experienced cybercriminals where the ultimate goal would be to increase the average time it takes for vendors organizations and researchers to take offline their rogue fraudulent and malicious campaigns.

In this post I'll discuss several of the high-profile bulletproof hosting providers that were active circa 2010 and I'll provide some actionable intelligence on the infrastructure behind them with the idea to assist everyone in their cyber attack and cyber campaign attribution efforts.

• Recommended reading - Historical OSINT - How TROYAK-AS Utillized BGP-Over-VPN To Serve The Avalance Botnet

Sample screenshots include:

Related bulletproof hosting providers that were active back in 2010 include:

hxxp://securehost.com

hxxp://ccihosting.com

hxxp://wrzhost.com

hxxp://underhost.com

hxxp://shinjiru.com

hxxp://offshorehosting.com

hxxp://offshoreracks.com

hxxp://hostimizer.com

hxxp://zentek-international.com

hxxp://anonhoster.com

hxxp://webcare360.com

hxxp://altushost.com

hxxp://anonymoushosting.org

hxxp://nodmca.nl

hxxp://goip.com

hxxp://serverslease.net

hxxp://e-investhost.com

hxxp://eukhost.com

hxxp://adulthosting.com

hxxp://webhostingchoice.com

hxxp://adulthostingservers.com

hxxp://hostsearch.com

hxxp://adult-host.ru

hxxp://layeredlink.ru

hxxp://xlhost.ru

hxxp://park-web.ru

hxxp://web750.com

hxxp://cirtexhosting.com

hxxp://wlw.su

hxxp://warez-host.com

hxxp://abuzhost.ru

hxxp://peterhost.ru

hxxp://fastvps.ru

Stay tuned!