Feeds

Ukrainian cybercrime-friendly ISP hit by fire after clean-up

How curious

Protecting users from Firesheep and other Sidejacking attacks with SSL

A Ukrainian ISP hit by fire over the weekend was in the process of cleaning up its act after earlier being labelled as a leading haven for cybercrime, PC World reports.

Odessa-based Hosting.ua was hit by a fire on March 27 that resulted in severe damage to its infrastructure and took it offline. HostExploit.com, which tracks the distribution of crimeware on the net, reported late last year that Hosting.ua was the fourth in a rogue's gallery of ISPs that hosted spam, malware or other internet crud.

However, over the last three months the Ukranian ISP had begun cleaning up its act, dropping way down to rank 381 in HostExploit.com's list of shame. Of the 5,381 websites tested on this network over the past three months, 291 of the websites served content that resulted in malicious downloads.

Pressure from law enforcement and upstream providers may have pushed Hosting.ua towards cleaning up its business. Being identified as a haven for cybercrime leads to blacklisting that can affect the site of legitimate customers hosted with an ISP, a security researcher who worked with HostExploit.com who goes by the nickname Jart Armin explained.

Hosting.ua is home to an estimated 500,000 websites. It's unclear when it will be able to restore services to normal. A holding statement on the host site (Google translation below) charts the progress towards restoring services.

Full coverage of the incident will be given later, at a time when there will be a free human resources at the moment we can afford only short messages, to keep everyone informed.

In particular, we want to inform you that, at present, developments, we can conclude that the data remained in a virtual hosting is not corrupted backup servers.

Power lines, diesel generators, switchboards, optical backbone is not affected and have switched to the second premise datacenters, which was scheduled to launch in 3[rd] quarter of 2010.

At present, work is underway to restore the efficiency of virtual hosting and construction of racks to move the unaffected servers. It is primarily about servers with letter indices A, B, C, D, G. Information from the server, the indexes that begin with E and F is beyond repair, users of these servers will provide new dedicated server.

Some of the bad sites formerly hosted with Hosting.ua have migrated to the US, according to HostExploit.com

The cause of the fire is also unknown, but Armin of HostExploit cited unconfirmed reports from the Ukraine suggesting that fire alarms at the site may have been deliberately disconnected, providing circumstantial evidence of arson.

HostExploit.com has pictures of the aftermath of the fire at Hosting.ua in an informative blog entry here. ®

The next step in data security

More from The Register

next story
Israeli spies rebel over mass-snooping on innocent Palestinians
'Disciplinary treatment will be sharp and clear' vow spy-chiefs
Infosec geniuses hack a Canon PRINTER and install DOOM
Internet of Stuff securo-cockups strike yet again
'Speargun' program is fantasy, says cable operator
We just might notice if you cut our cables
Apple Pay is a tidy payday for Apple with 0.15% cut, sources say
Cupertino slurps 15 cents from every $100 purchase
YouTube, Amazon and Yahoo! caught in malvertising mess
Cisco says 'Kyle and Stan' attack is spreading through compromised ad networks
Hackers pop Brazil newspaper to root home routers
Step One: try default passwords. Step Two: Repeat Step One until success
Greater dev access to iOS 8 will put us AT RISK from HACKERS
Knocking holes in Apple's walled garden could backfire, says securo-chap
Microsoft to patch ASP.NET mess even if you don't
We know what's good for you, because we made the mess says Redmond
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.
Security and trust: The backbone of doing business over the internet
Explores the current state of website security and the contributions Symantec is making to help organizations protect critical data and build trust with customers.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.