Today [ie, Thursday, May
20], the Federal Trade Commission permanently shut down 3FN, a
Belize-based Internet service provider (ISP) notorious for hosting botnets,
child pornography, phishing attacks and various other scams and malware. The
ISP has been ordered to pay back $1.08 million which it earned by cooperating
and conspiring with criminals.
It took almost a full
year in court for the FTC to win this battle against 3FN. When this ISP was
put under a preliminary injunction last year, spam volume dropped by 15%.
3FN had been actively
recruiting spammers and others and whose senior staff had coached clients on
building botnets. The latter was proven with instant message logs between
criminals and 3FN employees. The FTC estimated that 4,500 malicious software
programs were hosted by the ISP, attacking unknown numbers of computers with
keystroke loggers, password stealing software, data theft, backdoor access
and spam distribution.
In addition to aiding and
abetting those who would infest our computers with viruses, spyware and other
malware, the ISP also knowingly hosted illegal and disturbing types of
The ISP ignored takedown
requests and evaded prosecution by shifting certain elements or content to
other IP addresses in its control. 3FN also did business as Pricewert LLC,
Triple Fiber Network, APS Telecom, APX Telecom and APS Communication.
It remains to be seen
whether or not this will have any affect on the amount of spam we are
seeing. The current trend in spam botnets is to see a temporary decline
in total abuse followed by a recovery. The recovery periods have been
getting shorter and shorter as spammers and malware authors have started
building more resiliency into their infrastructure.
I’ll keep an eye on it
and report if I see anything unusual.