Zeus-friendly ISP taken down
The latest in the string of “bulletproof” ISPs has been taken down on Friday, after its upstream service provider (DIGERNET) has been disconnected.
PROXIEZ-NET went down, making its claims of being immune to shutdowns untrue. According to The Register, just days before the shutdown, PROXIEZ-NET found its way to the Spamhaus’ block list for “acting as a ZeuS botnet C&C or hosting binaries/dropzones for the ZeuS botnet.
So far, the Russian ISP has been unable to find another way to get back online, but even if this is a victory for white hats, it will probably be of short duration as the previous attempts because usually fallback channels for the temporarily orphaned botnets are provided within a short period of time.
There is no doubt that such disruptions of malicious activity are welcome to those people that “fight the good fight” and aim to take all such ISPs permanently offline, but so far, the results of these takedowns have proved only temporary. Maybe it’s time to concentrate on another approach?