Russian Business Network

The Russian Business Network (commonly abbreviated as RBN) is a multi-faceted cybercrime organization, specializing in and in some cases monopolizing personal identity theft for resale. It is the originator of MPack and an alleged operator of the now defunct Storm botnet.^[1]^[2]^[3]

The RBN, which is notorious for its hosting of illegal and dubious businesses, originated as an

St. Petersburg, Russia. By 2007, it developed partner and affiliate marketing techniques in many countries to provide a method for organized crime to target victims internationally.^[4]

Activities

According to internet security company

VeriSign, RBN was registered as an internet

site in 2006.

Initially, much of its activity was legitimate. But apparently the founders soon discovered that it was more profitable to host illegitimate activities and started hiring its services to criminals.[5]

The RBN has been described by VeriSign as "the baddest of the bad".

denial of service attacks originating in the RBN network.^[6] RBN has been known to sell its services to these operations for $600 per month.^[4]

The business is difficult to trace. It is not a registered company, and its domains are registered to anonymous addresses. Its owners are known only by nicknames. It does not advertise, and trades only in untraceable electronic transactions.^[6]

One increasingly known activity of the RBN is delivery of

rogue software are linked to and hosted by the RBN.^[10]

According to a since closed

Symantec and other security firms claim RBN provides hosting for many illegal activities, including identity theft and phishing

.

Routing operations

The RBN operates (or operated) on numerous Internet Service Provider (ISP) networks worldwide and resides (resided) on specific IP addresses, some of which have Spamhaus blocklist reports.^[13]

Political connections

It has been alleged that the RBN's leader and creator, a 24-year-old known as Flyman, is the nephew of a powerful and well-connected Russian politician. Flyman is alleged to have turned the RBN towards its criminal users.

on Georgia and Azerbaijan in August 2008,^[14] may have been co-ordinated by or out-sourced to such an organization. Although this is currently unproven, intelligence estimates suggest this may be the case.^[15]

References

^ "RBNexploit.com". CyberDefcon / Jart Armin. Retrieved November 29, 2017.
^ SANS Internet Storm Center; Cooperative Network Security Community - Internet Security - isc
^ Topical Research Reports - Security Intelligence from VeriSign, Inc
^ ^a ^b Brian Krebs (2007-10-13). "Shadowy Russian Firm Seen as Conduit for Cybercrime". Washington Post.
^ ^a ^b Warren, Peter (2007-11-15). "Hunt for Russia's web criminals". The Guardian. London. Retrieved 2010-05-23.
^ ^a ^b ^c "A walk on the dark side". The Economist. 2007-09-30.
^ "Cybergang raises fear of new crime wave". timesonline.co.uk.
^ "Mind Streams of Information Security Knowledge: The Russian Business Network". Dancho Danchev's Blog. Retrieved October 18, 2007.
^ "malwarealarm .com rating by McAfee SiteAdvisor".
^ "RBN – The Top 20, fake anti-spyware and anti-malware Tools". rbnexploit.blogspot.com. Retrieved November 29, 2017.
^ "SBL64875". Spamhaus.org. Retrieved November 29, 2017.
^ Krebs, Brian. "Shadowy Russian Firm Seen as Conduit for Cybercrime". The Washington Post. Retrieved 2010-05-23.
^ "RBN IPs". EmergingThreats.net blacklist. Archived from the original on 29 October 2012. Retrieved 1 November 2012.
^ RBN-Georgia cyberwarfare (rbnexploit.blogspot.com - blog)
^ "The hunt for Russia's web crims". The Age. Melbourne. 2007-12-13.

External links

Spamhaus – Rokso listing and description of RBN activities
RBN Study - bizeul org - PDF
Shadowserver - RBN as RBusiness Network AS40898 - Clarifying the guesswork of Criminal Activity - PDF

[1] "RBNexploit.com". CyberDefcon / Jart Armin. Retrieved November 29, 2017.

[2] SANS Internet Storm Center; Cooperative Network Security Community - Internet Security - isc

[3] Topical Research Reports - Security Intelligence from VeriSign, Inc

[wp20071013-4] Brian Krebs (2007-10-13). "Shadowy Russian Firm Seen as Conduit for Cybercrime". Washington Post.

[Warren-5] Warren, Peter (2007-11-15). "Hunt for Russia's web criminals". The Guardian. London. Retrieved 2010-05-23.

[econ20070930-6] "A walk on the dark side". The Economist. 2007-09-30.

[7] "Cybergang raises fear of new crime wave". timesonline.co.uk.

[8] "Mind Streams of Information Security Knowledge: The Russian Business Network". Dancho Danchev's Blog. Retrieved October 18, 2007.

[9] "malwarealarm .com rating by McAfee SiteAdvisor".

[10] "RBN – The Top 20, fake anti-spyware and anti-malware Tools". rbnexploit.blogspot.com. Retrieved November 29, 2017.

[11] "SBL64875". Spamhaus.org. Retrieved November 29, 2017.

[12] Krebs, Brian. "Shadowy Russian Firm Seen as Conduit for Cybercrime". The Washington Post. Retrieved 2010-05-23.

[13] "RBN IPs". EmergingThreats.net blacklist. Archived from the original on 29 October 2012. Retrieved 1 November 2012.

[14] RBN-Georgia cyberwarfare (rbnexploit.blogspot.com - blog)

[15] "The hunt for Russia's web crims". The Age. Melbourne. 2007-12-13.

[1]

[2]

[3]

[4]

[6]

[10]

[13]

[14]

[15]

v t e Scams and confidence tricks
Terminology	Scam Error account Shill Shyster Sucker list
Notable scams and confidence tricks	1992 Indian stock market scam 2G spectrum case Advance-fee scam Art student scam Badger game Bait-and-switch Black money scam Blessing scam Bogus escrow Boiler room Bride scam Charity fraud Clip joint Coin-matching game Coin rolling scams Drop swindle Embarrassing cheque Exit scam Extraterrestrial real estate Fiddle game Fine print Foreclosure rescue scheme Foreign exchange fraud Fortune telling fraud Gem scam Get-rich-quick scheme Green goods scam Hustling Indian coal allocation scam IRS impersonation scam Intellectual property scams Kansas City Shuffle Locksmith scam Long firm Miracle cars scam Mismarking Mock auction Moving scam Overpayment scam Patent safe Pig in a poke Pigeon drop Pork barrel Pump and dump Redemption/A4V schemes Reloading scam Return fraud Salting Shell game Sick baby hoax SIM swap scam Slavery reparations scam Spanish Prisoner SSA impersonation scam SSC Scam Strip search phone call scam Swampland in Florida Technical support scam Telemarketing fraud Thai tailor scam Thai zig zag scam Three-card monte Trojan horse White van speaker scam Work-at-home scheme
Internet scams and countermeasures	Avalanche Carding Catfishing Click fraud Clickjacking Cramming Cryptocurrency scams Cybercrime CyberThrill DarkMarket Domain name scams Email authentication Email fraud Internet vigilantism Lenny anti-scam bot Lottery scam PayPai Phishing Referer spoofing Ripoff Report Rock Phish Romance scam Russian Business Network SaferNet Scam baiting 419eater.com Jim Browning Kitboga Scammer Payback ShadowCrew Spoofed URL Spoofing attack Stock Generation Voice phishing Website reputation ratings
Pyramid and Ponzi schemes	Aman Futures Group Bernard Cornfeld Caritas Dona Branca Earl Jones Ezubao Foundation for New Era Philanthropy Franchise fraud High-yield investment program (HYIP) Investors Overseas Service Kapa investment scam Kubus scheme Madoff investment scandal Make Money Fast Matrix scheme MMM Petters Group Worldwide Pyramid schemes in Albania Reed Slatkin Saradha Group financial scandal Secret Sister Scott W. Rothstein Stanford Financial Group Welsh Thrasher faith scam
Lists	Con artists Confidence tricks Criminal enterprises, gangs and syndicates Impostors In the media Film and television Literature Ponzi schemes

Activities

Routing operations

Political connections

See also

References

External links