Monday, December 22, 2014
Text Size


Cybercrime: The Franchise


Do-it-yourself cyber-crime kits have emerged for the average PC user, with built-in anti-virus protection and complete online security avoidance features.

Once upon a time, professional hackers needed the skills of willing script kiddies to exploit your PC or enterprise. Then along came the exploit kit, such as the “MPack,” courtesy of the RBN (Russian Business Network), and a new business enterprise was born.

Today, a new generation of exploits is available in off-the-peg kits requiring no more operational skill than that of a competent user.

One of the latest headline victims of an exploit kit was the US Treasury Website. Panda Security detailed how it happened -- and how a new generation of kits or packs can identify security vulnerabilities, select the preferred method of intrusion, and carry out the exploit, whether that be by PDF, an embedded iframe, or any other chosen method of exploitation.


European Cybercrime Strategy: ENISA Country Report Reveals All


ENISA (the European Network and Information Security Agency) has released the findings of a recent major study into the key Network and Information Security (NIS) framework for all 30 participating countries.

The results of the research carried out by Deloitte, on behalf of ENISA, are available as separate PDF reports for each country.

Overall, the research shows a varied approach towards NIS national strategy with no obvious pattern derived from size or NIS maturity.


Top 50 Bad Hosts March 2010 - New Report

HostExploit is pleased to present the Q1 2010 report on the Top 50 Bad Hosts and Networks. Using our own data, supplied by, together with Open Security partners, HostExploit has compiled an updated HE Index of the worst internet hosting players around the world.

Download the report here.

Findings in the report are based on data generated by public ASes (Autonomous Systems) exchanging routing information with each other over the public internet. ‘Bad’ activity in this context includes traffic generated by botnets, spam, MALfi, phishing, malware, exploits and the control centers that manage these activities.

By using a unique combination of actuarially-weighted mathematical equations, a bespoke ‘badness’ rating is created showing the worst hosting organizations for cyber-criminal activity. Consideration is given to the size of each network and related potential for malware distribution where larger servers should have the means to track cyber-criminal activity more effectively.


Hosting Ukraine Burnt Out

Hosting UA in Odessa one of the main data centers and hosts in Ukraine is offline, due to a major fire.

Figure 1 Hosting Ua - Fire - courtesy


AS41665 HOSTING-AS National Hosting Provider, UA, with 144,384 IP addresses and ranked #4 on the HostExploit Top Bad Hosts report in December 2009 out of 34,000 ASNs (autonomous systems / hosts) compared for serving badness on the Internet. Although in the forthcoming HostExploit Top Bad Hosts report, Hosting UA had demonstrated some improvement over the first quarter 2010 - see forthcoming report, March 2010.



New Site Design - New Report


Hello, and welcome to our new website!

As is always the way, there were a couple of issues when transferring the site across, so apologies if you ran into any problems over the last couple of days.

Please feel free to send us any comments on any issues you are experiencing or any recommendations.

Previously, we have concentrated on releasing full cybercrime reports, many of which have had big contributions in the downfall of some pretty bad hosts. Often when we are researching, we have some good evidence but perhaps not good enough to put into a full report. So, from now we will be regularly posting blogs as this is an easy way for us to put some of our findings out there.

Writing blogs will also help us get our findings out there that little bit quicker, and hopefully others in the community can build on issues we blog on. Stay tuned in the next few days for a followup report to 2009's Top 50 Bad Hosts - this time we will be reporting on 2010 Q1 and the fun and games that the community has been having with Troyak.


Page 4 of 7

Latest Blogs

  • 1
  • 2
  • 3


Sign up to the HostExploit newsletter to receive the latest news on HostExploit reports and other developments.