The ISP, operating under the names 3FN and APS Telecom under the ownership of Pricewert, is alleged to be actively working with organised crime to host the kind of material that legitimate companies would turn down, such as botnets.
“The defendant recruited bot herders and hosted the command-and-control servers – the computers that relay commands from the bot herders to the compromised computers known as “zombie drones,” said the FTC.
“Transcripts of instant-message logs filed with the district court show the defendants’ senior employees discussing the configuration of botnets with bot herders.”
The ISP also hosted more than 4,500 command and control systems for malware which could then be pushed onto infected machines for phishing, generating spam and organising distributed denial of service attacks.
The court issued a temporary restraining order to prohibit Pricewert’s illegal activities and require its upstream Internet providers and data centers to cease providing services to Pricewert. The order also freezes Pricewert’s assets.
The case was made possible by a joint effort between the FTC, The Spamhaus Project, NASA’s Office of Inspector General, Computer Crime Division; Gary Warner, director of research in computer forensics at University of Alabama, the National Center for Missing and Exploited Children, the Shadowserver Foundation and Symantec.
Experts will now be carefully monitoring spam and botnet activity online to see the effect of the shutdown. When the McColo operation was conducted last year the effect was dramatic, with spam levels plummeting in the hours following the takedown.
