Ukrainian cybercrime-friendly ISP hit by fire after clean-up

How curious


A Ukrainian ISP hit by fire over the weekend was in the process of cleaning up its act after earlier being labelled as a leading haven for cybercrime, PC World reports.

Odessa-based Hosting.ua was hit by a fire on March 27 that resulted in severe damage to its infrastructure and took it offline. HostExploit.com, which tracks the distribution of crimeware on the net, reported late last year that Hosting.ua was the fourth in a rogue's gallery of ISPs that hosted spam, malware or other internet crud.

However, over the last three months the Ukranian ISP had begun cleaning up its act, dropping way down to rank 381 in HostExploit.com's list of shame. Of the 5,381 websites tested on this network over the past three months, 291 of the websites served content that resulted in malicious downloads.

Pressure from law enforcement and upstream providers may have pushed Hosting.ua towards cleaning up its business. Being identified as a haven for cybercrime leads to blacklisting that can affect the site of legitimate customers hosted with an ISP, a security researcher who worked with HostExploit.com who goes by the nickname Jart Armin explained.

Hosting.ua is home to an estimated 500,000 websites. It's unclear when it will be able to restore services to normal. A holding statement on the host site (Google translation below) charts the progress towards restoring services.

Full coverage of the incident will be given later, at a time when there will be a free human resources at the moment we can afford only short messages, to keep everyone informed.

In particular, we want to inform you that, at present, developments, we can conclude that the data remained in a virtual hosting is not corrupted backup servers.

Power lines, diesel generators, switchboards, optical backbone is not affected and have switched to the second premise datacenters, which was scheduled to launch in 3[rd] quarter of 2010.

At present, work is underway to restore the efficiency of virtual hosting and construction of racks to move the unaffected servers. It is primarily about servers with letter indices A, B, C, D, G. Information from the server, the indexes that begin with E and F is beyond repair, users of these servers will provide new dedicated server.

Some of the bad sites formerly hosted with Hosting.ua have migrated to the US, according to HostExploit.com

The cause of the fire is also unknown, but Armin of HostExploit cited unconfirmed reports from the Ukraine suggesting that fire alarms at the site may have been deliberately disconnected, providing circumstantial evidence of arson.

HostExploit.com has pictures of the aftermath of the fire at Hosting.ua in an informative blog entry here. ®

Narrower topics


Other stories you might like

  • Verizon: Ransomware sees biggest jump in five years
    We're only here for DBIRs

    The cybersecurity landscape continues to expand and evolve rapidly, fueled in large part by the cat-and-mouse game between miscreants trying to get into corporate IT environments and those hired by enterprises and security vendors to keep them out.

    Despite all that, Verizon's annual security breach report is again showing that there are constants in the field, including that ransomware continues to be a fast-growing threat and that the "human element" still plays a central role in most security breaches, whether it's through social engineering, bad decisions, or similar.

    According to the US carrier's 2022 Data Breach Investigations Report (DBIR) released this week [PDF], ransomware accounted for 25 percent of the observed security incidents that occurred between November 1, 2020, and October 31, 2021, and was present in 70 percent of all malware infections. Ransomware outbreaks increased 13 percent year-over-year, a larger increase than the previous five years combined.

    Continue reading
  • Slack-for-engineers Mattermost on open source and data sovereignty
    Control and access are becoming a hot button for orgs

    Interview "It's our data, it's our intellectual property. Being able to migrate it out those systems is near impossible... It was a real frustration for us."

    These were the words of communication and collaboration platform Mattermost's founder and CTO, Corey Hulen, speaking to The Register about open source, sovereignty and audio bridges.

    "Some of the history of Mattermost is exactly that problem," says Hulen of the issue of closed source software. "We were using proprietary tools – we were not a collaboration platform before, we were a games company before – [and] we were extremely frustrated because we couldn't get our intellectual property out of those systems..."

    Continue reading
  • UK government having hard time complying with its own IR35 tax rules
    This shouldn't come as much of a surprise if you've been reading the headlines at all

    Government departments are guilty of high levels of non-compliance with the UK's off-payroll tax regime, according to a report by MPs.

    Difficulties meeting the IR35 rules, which apply to many IT contractors, in central government reflect poor implementation by Her Majesty's Revenue & Customs (HMRC) and other government bodies, the Public Accounts Committee (PAC) said.

    "Central government is spending hundreds of millions of pounds to cover tax owed for individuals wrongly assessed as self-employed. Government departments and agencies owed, or expected to owe, HMRC £263 million in 2020–21 due to incorrect administration of the rules," the report said.

    Continue reading

Biting the hand that feeds IT © 1998–2022