One of the biggest players in online crime has suddenly disappeared from the web, prompting fears that the gang are likely to restart as an even bigger threat from a new base.

RBN (Russian Business Network), a shadowy Russian organisation with alleged links to the Russian government, was operating from St Petersburg before disappearing from the Internet this week. Security experts now fear that the gang (for want of a better word) are setting up a new online base of operations in China.

RBN are believed to be behind a large percentage of the online crime committed in recent years, playing a role in corporate blackmail, spam attacks, online identity theft, and even child pornography. Experts claim that the gang provide bulletproof websites for other criminals to launch attacks from.

These sites can look perfectly legitimate, but actually plant malware on visitors computers. These can then be used to steal passwords, send junk email or launch cyber attacks on secure networks.

Raimund Genes, chief technology officer of Trend Micro’s antivirus division explained how the group seemingly disappeared from the web on Tuesday:

“It feels like their upstream providers put them on a blacklist and terminated services to this problematic customer,”

“All kinds of cybercrime was on RBN sites, but recently, they’ve become too greedy. They infiltrated a Turkish government site so that it pointed to a site in Panama that was registered under RBN. (The site) was rented to multiple malware gangs.”

It seems that the group may already have resurfaced in Asia, with sites in Taiwan and China now hosting malicious software packing kits that RBN has been notorious for using.

Genes contnued:

“Sites in Taiwan and China are now hosting malware with the same behavior. MPack (packer kit) and its IcePack add-on are being offered, as well as iframe exploits.”

This is very worrying, as cybercrime is already increasing at an exponential rate. The US treasury even estimated the activity to now be even more lucrative than drug trafficking, earning criminals more than $100 billion a year.

Symantec, recently alleged in a report that “the RBN has links with the criminal underground and government in Russia.” The move to a new Chinese base may be due to Russian authorities recently promising to impose tougher penalties on internet criminals.

Now China need to crack down on the activities too, as otherwise the Internet could soon become a lawless place.

Related:

Entry was posted on Saturday, November 10th, 2007 at 3:34 pm under Crime, Internet, Malware, Scams.

Read more entries by Dave Parrack.
Stumble It!