Infamous cybercrime hosting outfit Russian Business Network (RBN) has disappeared again, days after quitting Russia and setting up shop in China.

RBN obtained seven net blocks of Chinese IP addresses. Last Wednesday (8 November), some of RBN's clients began popping up on some of the 5,120 IP addresses it had acquired. But a day later China cut the connection to six of the seven net blocks controlled by RBN, once again forcing it offline.

"[A break-up] may keep it under the radar, but it's also more expensive for them, and it's riskier, too, because the more ISPs that it has to deal with, the better the chance that one of those ISPs says 'no' to hosting RBN content and shuts them off," an iDefense analyst told Computerworld.

RBN is notorious for hosting multiple instances of malware and web browser exploits. More recently it was fingered as the source of exploits based on a vulnerability in Adobe's Acrobat Reader. Its so-called "bulletproof hosting" facilities are also suspected of harbouring child pornography and phishing sites. ®

Related stories

• Analysis Wikileaks judge gets Pirate Bay treatment (21 February 2008)
• Russian FSB 'protecting' Storm Worm gang (31 January 2008)
• Mind the gap Saturday The biz of biz in China (Part 2) (8 December 2007)
• Mind the Gap Saturday The biz of biz in China (Part 1) (1 December 2007)
• Cyber cold war fears grow (29 November 2007)
• UK punters lose faith in phished brands (26 November 2007)
• Mind the Gap Saturday: Forums East and West (24 November 2007)
• Mind the Gap Saturday: Forums East and West (17 November 2007)
• Controversial Russian Business Network drops offline (8 November 2007)
• Attackers turn Bank of India site into malware bazaar (1 September 2007)
• Fast flux foils botnet takedown (11 July 2007)
• First Chinese firm hit by spam fine (23 August 2006)
• MS fires armour-piercing suit at 'bullet-proof' spam host (24 September 2004)
• Spamming for Dummies (27 July 2004)
• Spam fighters infiltrate spam clubs (14 May 2004)