Hi,
I just wanted to make a last comment on the previous email you sent.
> The business model of many bulletproof companies is to ignore reports of
> abuse, RIPE NCC does not seem to do much against this and criminals are not
> afraid of retaliation from RIPE NCC towards them. and currently RIPE NCC is
> an attractive organization to get IP addresses for bulletproof servers, how
> good is this?
It is true that their job is to ignore abuse reports. Also please note that
RIPE currently no longer has IPv4 blocks to assign. New members must either get
their space from a waitlist (which takes time and it’s limited to a single /24)
or buy IP space from other entities. I do not believe that RIPE is more
“attractive” than other Registries to obtain IP space for such illegal
activities. All 5 RIRs have similar policies. Take a look at ARIN’s fraud
reporting results.
https://www.arin.net/vault/reference/tools/fraud_report/results/2023/#2023Q2
As it’s been said, it’s not RIPE’s job to police the internet. And please note
that ultimately the ISPs providing connectivity to these organisations are the
ones “allowing” the fraud to happen. If all RIRs took action then I’m sure
criminals would lease IP space from reputable LIRs. Given the current IPv4
shortage, I believe this is the case already. RIPE isn’t allocating a lot of
IPs recently simply because they ran out.
Best regards,
Tomás Leite de Castro
> On 18 Jan 2024, at 10:20, OSINTGuardian wrote:
>
> Hi Tomas,
>
> I am not referring to bulletproof servers in Tor, since I understand that
> this is more difficult to detect since it is deep in the internet. I am
> referring to the bulletproof hosting that is flooding the clear web with
> illegal content.
> I currently know different bulletproof hosting, as you probably do too, but
> no one does anything against this, which mostly affects the clear web.
>
> illegal activities:
>
> I am not referring to fighting bulletproof hosting due to spam networks,
> botnets and DDOS attacks. I am referring to bulletproof hosting that has
> clients who are pedophiles or drug traffickers (and these clients say it
> openly) and when the police or internet users send abuse reports to the
> bulletproof hosting email, the report is ignored.
>
> Because of bulletproof hosting, the dark net has been on the clear web for
> some years with child pornography sites, pedophile forums, drug sales sites
> and among other websites that the owners are clients of bulletproof hosting.
> So you can see that I'm not exaggerating, google "dutchanonstore.to" and
> you'll see what I mean
>
> In case you are wondering, the company behind this drug sales website is
> KODDOS (Amarutu Technology Ltd), one of the most famous bulletproof companies
> currently and which is on the TOP 1 list of ISPs that provide bulletproof
> servers for illegal websites
>
> This is not the only famous bulletproof hosting, cybercriminals use a company
> like Cloudflare but Russian and with bulletproof servers that are hosted in
> Russia. the company DDOS-GUARD and it is not the first time that this company
> is mentioned here since some time ago a famous client of ddos-guard was Hamas
> (terrorist group)
>
> I have a lot of evidence against bulletproof servers and how they are
> complicit in illegal activities, although having evidence of this is not that
> difficult since many of them are publicly promoted as "bulletproof hosting."
> The police usually do not do much against this, intelligence agencies such as
> the FBI, Interpol, Europol and among others are slow to do something against
> the bulletproof servers, and when they do something against this and they
> arrest the owners of these companies, which What they do is that new
> criminals create 6 new bulletproof hosting companies and all the clients go
> to that new company to host the illegal websites.
>
> Not to mention, the time it takes for authorities to do something against
> bulletproof hosting is 3 to 6 years, until they arrest the people behind the
> company with illegal activities. The authorities act extremely slowly and the
> clean web is filling up with illegal websites.
>
> Basically this is what has been happening for years and no one does anything:
> screenshot: https://i.imgur.com/nKZz8qx.png
>
> The business model of many bulletproof companies is to ignore reports of
> abuse, RIPE NCC does not seem to do much against this and criminals are not
> afraid of retaliation from RIPE NCC towards them. and currently RIPE NCC is
> an attractive organization to get IP addresses for bulletproof servers, how
> good is this?
>
> Claudia Lopez
> OSINTGuardian
>
>
> On ene. 17 2024, at 9:10 pm, Tomás Oliveira Valente Leite de Castro via
> anti-abuse-wg wrote:
> Hi,
>
> As far as "taking down" bulletproof hosting, that is very hard to do as
> they often operate on jurisdictions that are easier for them to run
> their business.
> RIPE NCC only allo