NOW READ THIS
("Security Advisory")

Go Back

Submitted by: Bill Hickey
NCVA Listmaster

NRT-0607 Reports guestion ICANN associations with online scammers:


Two recently issued reports allege that the Internet Corporation for Assigned Names and Numbers (ICANN) has had questionable associations with organizations involved in cybercrime operations, according to an online press report.

In one report, researchers Jart Armin, James McQuaid, and Matt Jonkman detail the ties of ICANN sponsor, LogicBoxes, to one of the net's more prolific sources of malware and illegal online pharmacies. Over the past two years, ICANN has listed LogicBoxes as a sponsor for meetings that took place in Los Angeles and Delhi, India. The company has an association with Atrivo, a network provider that also goes by the name of Intercage. According to the study, a random sampling of 2,600 addresses hosted by Atrivo revealed 7,340 malicious Web links, 910 infected Web sites, 310 malicious binaries, and 113 botnet command and control servers. As an autonomous systems (AS) provider, the Concord, California‑based company controls a large number of IP addresses. The report details how Atrivo works with other companies to enable anonymous sites that promote scareware, malware, and online sites pushing drugs such as Viagra.

A second report issued by Knujon details 48 phantom domain name registrars whose sole purpose seems to be the registration of addresses used in spam and malware campaigns. All of them can be linked back to the Directi Group, which has long been a prolific provider of URLs to scammers. According to Knujon, the 48 registrars are violating ICANN's own rules requiring them to clearly identify their business name and business address.

[www.theregister.co.uk 3 Sep 08]


Valid XHTML 1.0! Valid CSS! Counter Image
Last Modified: Thursday, 09-Oct-2008 07:27:09 EDT