RBN called hotbed of global cybercrime

The Washington Post published a powerful journalistic investigation about the semi-legal Petersburg hoster of the Russian Business Network. According to Western experts, under the roof of the RBN there is a “significant proportion” of all world spammers, identity thieves, administrators of botnets and phishers. For a sum of $ 600 to $ 2,000 per month, RBN leases a dedicated server, provides hosting and full technical assistance to any client, whoever he is. As an employee of Kaspersky Lab, Alexander Gostev, said, RBN acts smartly and, technically, does not even violate Russian laws.

RBN has no website. Those who want to use its services are connected to the Russian Business Network via IRC, Internet pager or Russian-speaking forums.

Here is a list of RBN IP addresses (from the Spamhaus.org database).

$ IPTABLES -A INPUT -s 81.95.144.182/32 -j DROP
$ IPTABLES -A INPUT -s 81.95.149.171/32 -j DROP
$ IPTABLES -A INPUT -s 58.65.239.66/31 -j DROP
$ IPTABLES -A INPUT -s 81.95.144.3/32 -j DROP
$ IPTABLES -A INPUT -s 81.95.149.27/32 -j DROP
$ IPTABLES -A INPUT -s 81.95.149.181/32 -j DROP
$ IPTABLES -A INPUT -s 81.95.149.178/32 -j DROP
$ IPTABLES -A INPUT -s 81.95.156.0/22 ​​-j DROP
$ IPTABLES -A INPUT -s 193.93.235.5/32 -j DROP
$ IPTABLES -A INPUT -s 81.95.149.110/31 -j DROP
$ IPTABLES -A INPUT -s 81.95.148.18/32 -j DROP
$ IPTABLES -A INPUT -s 81.95.148.130/31 -j DROP
$ IPTABLES -A INPUT -s 81.95.148.132/31 -j DROP
$ IPTABLES -A INPUT -s 81.95.153.243/32 -j DROP
$ IPTABLES -A INPUT -s 81.95.147.202/31 -j DROP
$ IPTABLES -A INPUT -s 81.95.144.0/20 -j DROP
$ IPTABLES -A INPUT -s 195.114.16.0/23 -j DROP
$ IPTABLES -A INPUT -s 195.64.162.0/23 -j DROP
$ IPTABLES -A INPUT -s 84.45.90.141/32 -j DROP
$ IPTABLES -A INPUT -s 88.201.208.0/20 -j DROP
$ IPTABLES -A INPUT -s 195.64.140.0/23 -j DROP
$ IPTABLES -A INPUT -s 81.94.16.0/20 -j DROP
$ IPTABLES -A INPUT -s 85.249.23.0/24 -j DROP
$ IPTABLES -A INPUT -s 81.95.147.182/32 -j DROP
$ IPTABLES -A INPUT -s 217.118.119.26/32 -j DROP
$ IPTABLES -A INPUT -s 85.133.4.138/32 -j DROP
$ IPTABLES -A INPUT -s 213.200.79.194/32 -j DROP
$ IPTABLES -A INPUT -s 62.154.15.154/32 -j DROP
$ IPTABLES -A INPUT -s 213.200.78.66/32 -j DROP
$ IPTABLES -A INPUT -s 195.66.226.151/32 -j DROP
$ IPTABLES -A INPUT -s 213.200.80.46/32 -j DROP
')
PS After the publication of the investigation in the Washington Post, RBN representatives first contacted journalists. Naturally, they completely deny accusations.