RBN is on the run. The hacker crew RBN (Russian Business Network) has relinquished their IP address space. Their site went dark yesterday and the URL is null routed. Thoughts are that they are on the move…to China.
From Computer World:
The Russian Business Network (RBN), a notorious hacker and malware hosting organization that operates out of St. Petersburg, Russia, has gone off the air, security researchers said today.
According to a pair of Trend Micro Inc. researchers, RBN went dark around 10 p.m. EST Tuesday. “The routing information for their IP addresses has been withdrawn,” said Paul Ferguson, a network architect at Trend Micro. “That’s significant because while RBN has had connectivity issues in the past, then the routing [to its IP addresses] was still being advertised. This time, they’ve been voluntarily withdrawn.
“This is not the result of someone, such as their ISP, blackholing their traffic,” Ferguson continued. “This was done voluntarily.” Another report, however, on The Washington Post’s Web site, claimed that while RBN has severed links to the Internet, its upstream connectivity providers had begun to refuse to route RBN traffic as early as mid-October.
So, now with the site going dark the question comes to mind. How long until they resurface?
Recently, they surfaced with an advertising buy on RSS middleware company Feedburner.com (a Google company). Makes you wonder how many folks fell for that one (assuming it was actually the RBN). [EDIT] Thanks Stian for the clarification.
At least there will be a brief respite from their shenanigans in any case.
[tags]RBN, Russian Business Network, Malware, Feedburner, RBN Offline[/tags]