A LATVIAN HOSTING COMPANY that was thought to have harboured the world's biggest phishing botnet has been forced to shut up shop by the Swedish telecoms outfit Telis Sonera.
Real Host, which owned the AS8206 Junik server based in Riga that spread the Zeus botnet, has been linked to almost half of the world's phishing attacks in which Russian gangsters attempted to steal the identities and bank details of Internet users.
The Russian Business Network (RBN), which inhabited the same server, had been described as one of the world's most blatant cybercrime networks and was considered a bullet proof hosting hub by digital dastards the world over.
Under the counter goings on served at Real Host connected sites included exploits for unpatched zero-day flaws, malware payloads to drop on victims PCs (including fake codecs, banking trojans, spambots, fake antivirus software and even a Mac trojan), phishing websites, money mule (pyramid selling for the terminally stupid) recruitment sites, cracked software and illegal porn.
Real Host has been compared to McColo and Atrivo, the two most notorious hosting companies in the history of the Internet, and was described by one observer as "a cesspool of criminal activity".
The Zeus trojan is estimated to have infected up to 3.6 million individual PCs and could be purchased from sites hosted on the Latvian server for as little as $1,000. µ
Sign up for INQbot – a weekly roundup of the best from the INQ