Russian Business Network
The Russian Business Network (commonly abbreviated as RBN) is a multi-faceted cybercrime organization, specializing in and in some cases monopolizing personal identity theft for resale. It is the originator of MPack and an alleged operator of the now defunct Storm botnet.[1][2][3]
The RBN, which is notorious for its hosting of illegal and dubious businesses, originated as an
Activities
According to internet security company
Initially, much of its activity was legitimate. But apparently the founders soon discovered that it was more profitable to host illegitimate activities and started hiring its services to criminals.[5]
The RBN has been described by VeriSign as "the baddest of the bad".
The business is difficult to trace. It is not a registered company, and its domains are registered to anonymous addresses. Its owners are known only by nicknames. It does not advertise, and trades only in untraceable electronic transactions.[6]
One increasingly known activity of the RBN is delivery of
According to a since closed
Routing operations
The RBN operates (or operated) on numerous Internet Service Provider (ISP) networks worldwide and resides (resided) on specific IP addresses, some of which have Spamhaus blocklist reports.[13]
Political connections
It has been alleged that the RBN's leader and creator, a 24-year-old known as Flyman, is the nephew of a powerful and well-connected Russian politician. Flyman is alleged to have turned the RBN towards its criminal users.
See also
- List of spammers
- Russian Mafia
- Cyberwarfare in Russia
References
- ^ "RBNexploit.com". CyberDefcon / Jart Armin. Retrieved November 29, 2017.
- ^ SANS Internet Storm Center; Cooperative Network Security Community - Internet Security - isc
- ^ Topical Research Reports - Security Intelligence from VeriSign, Inc
- ^ a b Brian Krebs (2007-10-13). "Shadowy Russian Firm Seen as Conduit for Cybercrime". Washington Post.
- ^ a b Warren, Peter (2007-11-15). "Hunt for Russia's web criminals". The Guardian. London. Retrieved 2010-05-23.
- ^ a b c "A walk on the dark side". The Economist. 2007-09-30.
- ^ "Cybergang raises fear of new crime wave". timesonline.co.uk.
- ^ "Mind Streams of Information Security Knowledge: The Russian Business Network". Dancho Danchev's Blog. Retrieved October 18, 2007.
- ^ "malwarealarm .com rating by McAfee SiteAdvisor".
- ^ "RBN – The Top 20, fake anti-spyware and anti-malware Tools". rbnexploit.blogspot.com. Retrieved November 29, 2017.
- ^ "SBL64875". Spamhaus.org. Retrieved November 29, 2017.
- ^ Krebs, Brian. "Shadowy Russian Firm Seen as Conduit for Cybercrime". The Washington Post. Retrieved 2010-05-23.
- ^ "RBN IPs". EmergingThreats.net blacklist. Archived from the original on 29 October 2012. Retrieved 1 November 2012.
- ^ RBN-Georgia cyberwarfare (rbnexploit.blogspot.com - blog)
- ^ "The hunt for Russia's web crims". The Age. Melbourne. 2007-12-13.
External links
- Spamhaus – Rokso listing and description of RBN activities
- RBN Study - bizeul org - PDF
- Shadowserver - RBN as RBusiness Network AS40898 - Clarifying the guesswork of Criminal Activity - PDF