back to article Bulletproof hosts stay online by operating out of disputed backwaters

Some bulletproof hosting (BPH) operations – wellspring of all manner of online villainy – are moving their operations to the disputed territories of eastern Ukraine and Transnistria on the Moldovan border. BPH is often sold through darknet bazaars. These services sit at the centre of long-lasting, large-scale and profitable …

  1. Anonymous Coward
    Anonymous Coward

    Badlands

    Sounds like the desperadoes have gone off to the badlands to escape from the posse.

  2. Anonymous Coward
    Anonymous Coward

    How this can be news?

    Some bulletproof hosting (BPH) operations – wellspring of all manner of online villainy – are moving their operations to the disputed territories of eastern Ukraine and Transnistria

    This has been the case for years (in the case of Transnistria). You have to be an idiot or to be deliberately blindfolded by a political reasoning outside the scope of computer security in order not to notice. More specifically, declaring this openly blunts the usual propaganda message that all of Network Evil is located somewhere near Moscow. Here are some news for ya - it is not. At least today - it is the regions where they dance Gopak, not Kazachok.

    1. Anonymous Coward
      Anonymous Coward

      Re: How this can be news?

      You have to be an idiot or to be deliberately blindfolded by a political reasoning outside the scope of computer security in order not to notice.

      Nevertheless, it is a form of crime dominated by Russian criminals. You'll agree that what the Kremlin wants, the Kremlin gets, so if they haven't been shut down permanently and with maximum prejudice, then the Kremlin is actually happy for them to continue to operate.

      The change of location is not fleeing from Russian authorities, because when it matters to the Kremlin, they'll happily export some "Russian justice". So this change of location is just window dressing in order that Russian authorities can wring their hands and say "not in our jurisdiction" when the West complain about online fraud. This is also useful in the context of the links between cyber criminals and intelligence agencies, so that any contract espionage jobs will be traced back to "commercial" criminals in a third party nation.

      Given the US enthusiasm for proxy wars over the years, it would seem reasonable to expect that they will be doing exactly the same, and China is known for its enthusiasm for (in particular) commercial and technology espionage in similar ways. And just to murk-up the waters a bit more we should assume that all sides are engaged in false flag operations, and even false-false flag ops.

      1. phuzz Silver badge
        Holmes

        Re: How this can be news?

        "we should assume that all sides are engaged in false flag operations"

        Yep, you can bet that the NSA, GCHQ and everyone else, probably rents a server or two off these guys, because what makes for a a more deniable hack? "Oh, it came from Transnistria, it must be criminals".

      2. Anonymous Coward
        Anonymous Coward

        Re: How this can be news?

        it is a form of crime dominated by Russian criminals.

        1. Who told you that the Russian criminal underworld is dominated by Russians in the first place?

        2. Who told you that the "brain" and white collar ranks in said underworld are again, predominantly Russians?

        If anything, Russians are mostly footsoldiers: "Жизнь, цена - копейка". The brains and the white collars are not. Further to this, they are FROM THE REGION IN THE ARTICLE IN THE FIRST PLACE. Most of them. Just a bit further south - from Odessa.

        It is a reality - Russian criminal world is NOT dominated by Russians (since Stalin's days as a direct result of some of his less well known policies). If you need a further explanation show the mug of any oligarch to a Russian and ask him to identify the nationality. Ditto for any of the "Russian mob" around New York and Boston nowdays.

  3. Kevin McMurtrie Silver badge

    Deja Moo (I've seen the BS before)

    A couple of problems are coming together to make mega-spammers viable again. Luckily, the world has seen these problems before and brutal solutions will resolve them.

    First, the 1999 dot-com crash is starting another cycle. VCs aren't checking facts and web sites are acting like their advertisers are their customers. It's the general idea that illegal advertising and scams are an acceptable path to riches.

    Second, we have the "too big to get blacklisted" attitude coming around. OVH, ColoCrossing, Mochahost, Amazon, CloudFlare, Sologigabit, Omnis, Unified Layer, C7 Data Centers, Rackspace, Oracle, and the entire country of China are hosting spammers like nobody can touch them. There are probably a dozen more that I've forgotten because they're firewalled. Again, the world has been through this crap before and routes will be severed.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon