Saturday, June 6, 2009

Malicious Website Servers Shutdown

The Federal Trade Commission (FTC) shutdown an Internet Service Provider (ISP) that was hosting and distributing malicious programs, spam and even allegations of child pornography, according to InformationWeek.com. The only entity named in the charges is the company named Pricewert LLC had the internet unplugged on them by a San Jose, CA district court judge, at the request of the FTC. A temporary restraining order hearing will be on June 15.

The malicious software distributed included Conficker and an exploit in the DNS. Gary Warner, director of computer forensics at research at the University of Alabama at Birmingham reports it is the worst ISP hosting malicious content in the United States in his opinion, according to the above article on InformationWeek.com, June 4, '09.

The Oregon-based Pricewert LLC, acts as a 'shell company' for individuals located in Eastern Europe who appear to be out of the jurisdiction of the United States, according to InformationWeek.com. Indictedment may be not likely. Pricewert LLC also operated under other names such as 3FN that were identified by Symantec as operating about 600 ip addresses that executed malicious software on unsuspecting visitors to their websites. Even more amazing is that the FTC alleges that 3FN were responsible for 4,500 malicious programs, according to InformationWeek.com.

Although experts don't predict the decline of spam when McColo
and Atrivo/Intercage last year was eliminated as spammers but this shutdown will help reduce the number of infected machines by at least a margin. Vincent Weafer, VP at Symantec Security Response, says these guys that are overseas do not have to be on our shore because they can easily remote to administor, people more trust U.S. servers and realible hosting that is available.

Deception is commonly used to exploit social behavior tricking users into downloading either knowing or unkowingly as experienced by Dallas Computer Repair.

No comments: