From: Paul Ferguson (RD-US)
Sent: Wednesday, August 11, 2010 11:51:26 AM
Subject: NEWSBANK:: Cybercrime goes to Wall Street
As part of a series of reports on ‘Cybercrime USA’, HostExploit presents a detailed analysis on Demand Media/eNom’s position as #1 Bad Host in the HE Index of comparative Internet badness. Research published in our recent Q2 2010 Top 50 Bad Hosts and Networks Report shows AS21740 Demand Media/eNom topping the HE chart by serving and distributing internet badness through: botnets, spam, Malware, infected web sites, and exploit serving. Out of the known 34,738 publicly reported ASes (servers), Demand Media/eNom is shown to be #1 for Internet badness and #1 abusive Registrar.
To demonstrate how the Internet badness served by Demand Media relates to other known centers of badness, we introduce in this report “The McColo Standard of Cybercrime”, whereby scores on our HE Index are illustrated in an easy to understand format and in comparison to how McColo would have fared using this system. A score of 4 to 5 on the HE Index is an average of all ASes. Much to our surprise, both Demand Media and McColo (using retroactive data from October 2008) scored around 270 indicating high levels of Internet badness. This placed Demand Media firmly in the #1 position on the HE Index.
(As a note, data on exploits, Malware and botnets is collated using non-intrusive methods and passive DNS replication. Research is primarily from HostExploit and associates, with 3rd party comparisons for confirmation).
What makes Demand Media rank at #1 for Internet badness?
- Demand Media has the fifth highest number of recorded badware instances across all ASes.
- Demand Media has the sixth highest number of recorded command & control (C&C) servers across all ASes.
- Between 30 – 35% of all active rogue pharma worldwide have been traced back to eNom, although they only have 8% of the registered domains worldwide.
- Using the URI BL approach to spam analysis where domains found with spam are listed instead of the origin, eNom was ranked at #1 in the world.
- A nine-month analysis found the serving of Malware, spyware and browser exploits.
- Demand Media/eNom is in potential breach of ICANN’s RAA (Registrar Accreditation Agreement).
- It has been demonstrated and acknowledged by spammers that Demand Media / eNom provides a safe haven for various forms of ‘Illicit Internet product traffic’, but particularly illegal pharma products.
Demand Media has recently filed an S1 SEC with the US Securities and Exchange Commission (SEC) in preparation for an IPO on Wall Street.
As a matter of urgency Demand Media needs to pay attention and clean up the apparent Cybercrime friendly activity as a duty to all of its customers and Internet users in general.
"Fergie", a.k.a. Paul Ferguson
Trend Micro, Inc., Cupertino, California USA