06.02.2015 Views

Russian Business Network study - bizeul.org


Version 1.0.1

RBN study – before and after

David Bizeul

Summary

Abstract

Summary

Overview

1. Russian cybercrime

2. RBN at a glance

RBN activities / Web focus

1. Malware diffusion

2. Phishing

3. Other malicious activities

RBN organization / Network data

1. Overview on BGP and Internet

2. Internetworking and AS peering

3. ISP and IXP

4. AS Path

5. The RBN IP path

6. The RBN Networks virtually

7. The RBN Networks logically

8. The RBN Networks physically

9. The RBN Networks in the Internet

10. Affiliates presentation through networks

Too Coin Software

SBT

RBN

AkiMon

Nevacon

Silvernet

Linkey

Eltel2

Luglink

Eltel

Other affiliates

RBN customers / Real stats

1. Running services on entities

2. Hosted web pages

Investigation and analysis

1. Lookup, IP history, NS history, and registrar history

2. Network Whois

3. Reverse IP and reverse NS analysis

4. Simple DNS analysis

5. Whois history

6. Information correlation and assumptions

A nefarious social network

1. Deliberately complex and false

2. Behind the curtains

RBN evolution

1. Changes in hosted domain names

2. Changes in locations

3. Evolution

Mitigation strategies

4. Think big to understand the threat impact and to predict evolution

5. Act small

Conclusion

Annexes

1. Tools and services used for this study

2. RBN content
