Feathercoin daemon and wallet production version 0.17.0.1

Which countries host spam?


  • Moderators | Tip wrapper

    I’ve combined a list of repeat offenders, spam, ssh attacks as a general research. Cross checked with http://www.stopforumspam.com/

    Where does all this spam comes from? Is it all proxied? are some IP ranges the wild west? Are there many botnets being used? Are some questions worth asking.

    The chart shows “ranges” where multiple spamming or other abuse has been logged. Thousands of data points have been compressed to about 550 IP ranges susceptible to hosting spammers.

    Some of the ranges are particular host services otherwise they are random IPs from bots or a rogue spammer exploiting a school or someone using their own or someone else’s phone or PC.

    Also, note that USA might have most, but they have way more connections, so proportionally you’d expect them to be high. The same applies to the China figures which may be small proportionally for such a large population.

    banlist country analysis 19 01 2016 ordered


  • | Tip mirrax

    @wrapper said:

    I’ve combined a list of repeat offenders, spam, ssh attacks as a general research. Cross checked with http://www.stopforumspam.com/

    Where does all this spam comes from? Is it all proxied? are some IP ranges the wild west? Are there many botnets being used? Are some questions worth asking.

    The chart shows “ranges” where multiple spamming or other abuse has been logged. Thousands of data points have been compressed to about 550 IP ranges susceptible to hosting spammers.

    Some of the ranges are particular host services otherwise they are random IPs from bots or a rogue spammer exploiting a school or someone using their own or someone else’s phone or PC.

    Also, note that USA might have most, but they have way more connections, so proportionally you’d expect them to be high. The same applies to the China figures which may be small proportionally for such a large population.

    https://cloud.githubusercontent.com/assets/4609536/12433055/cdeca080-bef6-11e5-8e9b-d3e81a7a83b3.jpg

    Czechoslovakia? Seriously?


  • Moderators | Tip wrapper

    Thanks for the spell checking but copying the error sort of defeats the point. I’ve pushed a fix to your issue to Github.


  • Moderators | Tip wrapper

    Verizon Routing Millions of IP Addresses for Cybercrime Gangs

    Over the past few years, spammers have sought out large ranges of IP addresses.

    By spreading out their sending patterns across a wide range of IP addresses, they can attempt to defeat spam filters and get spam and malware emails delivered where they are not wanted.

    However, IPv4 addresses are getting scarce and hard to come by. In fact, as of September 2015, the Internet Registry ARIN (American Registry for Internet Numbers) allocated the final block of IPv4 addresses from its free pool.

    Because spammers can’t easily obtain new IP addresses through legitimate means, they frequently resort to stealing IP address blocks that are dormant and aren’t being utilized by the rightful owners.

    There is a thriving black market in IP addresses; spammers don’t care whether the source of their IP addresses is legitimate or even legal. A cybercriminal that can steal a large IP address block (for example, a /16 or 65,536 IP addresses) can generate thousands of dollars per month.

    For cybercriminals to make use of their stolen blocks however, a crucial step is to find an Internet Service Provider(ISP) or network with the ability to route these IP addresses to the rest of the Internet by using an autonomous system number (ASN).

    Also crucial is finding an ISP who won’t look too closely at the highly suspicious routing request. To get the routes to their stolen IP addresses announced, criminals will present forged authorization documents (which constitutes felony wire fraud under U.S. law).

    http://www.spamhaus.org/news/article/726/

    https://www.spamhaus.org/statistics/networks/


  • Moderators | Tip wrapper

    Researchers have discovered multiple botnets January 27, 2016

    In 2014, law enforcement agencies revealed that they had disrupted a Russian botnet that targeted personal bank accounts and stole $100 million.

    Ben-Gurion University of the Negev cyber security researchers have discovered and traced approximately six botnets by analyzing data collected from past cyber attacks. The research was conducted at Deutsche Telekom Innovation [email protected] and was announced at Cybertech 2016 in Tel Aviv today.

    Botnets are networks of malicious, remotely updatable code that covertly lurk on infected computers. Using botnets, which until now were largely untraceable, hackers and cyber criminals can carry out powerful attacks, spread viruses, generate spam, and commit other types of online crime.

    http://phys.org/news/2016-01-multiple-botnets.html

    Know your Enemy: Tracking Botnets : Using honeynets to learn more about Bots

    https://www.honeynet.org/book/export/html/50