Government // Cybersecurity
News
6/4/2009
06:15 PM
Connect Directly
Google+
LinkedIn
Twitter
RSS
E-Mail
50%
50%

FTC Shuts Down 'Worst ISP In U.S.'

Pricewert LLC is accused of hosting and actively distributing child pornography, malware, and spam.

The Federal Trade Commission on Thursday said that it had shut down a rogue Internet service provider that knowingly hosted and actively distributed child pornography, malware, and spam.

Pricewert LLC, which does business under several names, including 3FN and APS Telecom, had its Internet connection terminated on Tuesday by order of a San Jose, Calif., district court judge, at the request of the FTC. A hearing on the temporary restraining order is scheduled for June 15.

According to court documents in support of the temporary restraining order, Gary Warner, director of computer forensics research at the University of Alabama at Birmingham, believes that following the shutdown of McColo and Atrivo/Intercage last year, Pricewert "is now the worst ISP located in the United States in terms of hosting malicious content."

The only entity named in the case is Pricewert. Ethan Arenson, an attorney with the FTC's Bureau of Consumer Protection, said that the individuals behind the company are overseas in Eastern Europe. He declined to comment on a possible extradition effort or coordination with authorities abroad.

Whether the individuals doing business as Pricewert will face charges remains an open question. Pricewert is essentially an Oregon shell corporation with some servers in San Jose.

Vincent Weafer, VP at Symantec Security Response, said his company had provided data gathered from its global Internet sensor network about malicious software served by Pricewert.

Symantec identified more than 600 IP addresses controlled by 3FN that had launched malicious attacks, according to court documents. The FTC said it had identified more than 4,500 malicious programs directed by the command-and-control servers hosted by 3FN.

Weafer doesn't expect a repeat of the 50% spam volume decline that followed the closure of McColo. Those behind Pricewert are already taking their business elsewhere. "I'm seeing messages of people moving rapidly to other hosting services," he said.

"The bad guys like operating out of developed countries like the U.S. because the hosting is reliable and more likely to be accepted to users," he said. "But they don't physically need to be there. You can run an awful lot of this remotely."

Weafer said that several computer security companies and organizations contributed information to bring down Pricewert. Beyond the FTC, the University of Alabama, and Symantec, other contributing organizations include NASA (targeted by 3FN hosted attacks), the National Center for Missing and Exploited Children, the Shadowserver Foundation, and the Spamhaus Project.

Since the DNS flaw identified by Dan Kaminsky last year and the more recent Conficker worm, there has been more cooperation in the fight against cybercrime, Weafer said.

"We definitely want to be much more active in this because we think it's very much a part of our business," he said.


InformationWeek Analytics has published an independent analysis on what executives really think about security. Download the report here (registration required).

Comment  | 
Print  | 
More Insights
Cyber Security Standards for Major Infrastructure
Cyber Security Standards for Major Infrastructure
The Presidential Executive Order from February established a framework and clear set of security standards to be applied across critical infrastructure. Now the real work begins.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Tech Digest - August 20, 2014
CIOs need people who know the ins and outs of cloud software stacks and security, and, most of all, can break through cultural resistance.
Flash Poll
Video
Slideshows
Twitter Feed
InformationWeek Radio
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.