>but the root of the problem has not been fixed.

Of course not! The root of the problem is an insecure by design network coupled with the fact that once it reached a certain saturation point in world-wide usage, unscrupulous people were bound to use it to separate the foolish and/or ignorant from their money. When you can reach 100,000,000 people for pennys, even a 0.001% response rate can be a good ROI ...

Do I have "The Answer"? Sure! Of course I do ... Educate the entire planet!

But realistically, that ain't gonna happen soon.

So I block the malware hosting sites. Saves time & energy in the long run.

With laws formerly on the cards about booting people of the net if they get caught uploading copyrighted media, and with silly % of bandwidth devoted to spam/malware//torrents, it would be a strong business incentive to clean up if you ban ip blocks with greater than x% "bad traffic"

of course that would make most of the internet unusable, and basically remove "safe harbour" protection, as judgments will have to be made as regards to what constitutes bad traffic. No one wants that kind of liability.

*sigh* oh for day when users take responsibility for their own sodding connections. :(

You take the worst site of the internet what about the 2nd worst .... follow along that path and you end up with a heavily censored internet where only the most unoffensive of content is permitted.

I get very nervous when anyone does an end run around a direct legal challenge to a website and forces someone to hand over a domain name, cancel an account or block traffic.

I guess I am this situation where companies are voluntarily refusing to associate with another company.

But I am very concerned with what happened with the gambling sites and their domain names.

The DNSchanger malware for Macs was until recently being spread through a large network of fake pr0n sites, fake antivirus sites, hacked sites, hacked WordPress and phpNuke installs, and so on, but all the various sites and redirectors dedicated to spreading this bit of malware were all pulling the malware itself from the same IP address, in Intercage's address space.

Since Intercage went dark, I've confirmed that the server being used to dish up the DNSchanger malware is no longer reachable.

I've no doubt that the criminals are going to put it up on another server at some point, of course, but they'll have to reconfigure their network of fake pr0n sites and hacked legitimate sites and so on to point to the new server when that's done, so in the meantime this particular bit of malware doesn't seem to be spreading.