This week, everywhere you look, bulletproof hosting (BPH) is in cyber news headlines. From the CrazyRDP takedown, to sanctions against entities adjacent to Aeza, and most recently Media Land LLC and ML[.]Cloud LLC (do these measures actually move the needle?), to new CISA guidance on mitigating BPH activities. 🛡️ It’s clear the spotlight is firmly on one of cybercrime’s most persistent enablers. And for a good reason. Few infrastructures have enabled so much criminal activity, for so long, with such resilience. Spamhaus has tracked BPH operators and their evolving tactics for decades. 🕵️ We've watched the ecosystem shift from monolithic BPHs to layered and complex business structures. So, amid the sensational headlines, we’ve compiled a grounded look at the topic, covering: the history, the current landscape, and where the threat landscape is likely to head next. Read it in full here 👉 #Bulletproofhosting #Cybercrime
ENDGAME 3.0 REMEDIATION | Following on from the 📢 announcement last week, Spamhaus is now sending notification emails 📩 to ISPs associated with infected machines. Here's what to do if you receive one: ⤵️
📣 NEW FROM CISA: 'Mitigating Risks From Bulletproof Hosting Providers' In CISA’s latest publication they give networks practical steps to mitigate and protect themselves from the activities coming from bulletproof hosts. Publication: We love the shoutout to Spamhaus' DROP list. Access is free for a reason: to protect everyone from the worst of the worst… and from networks that have fallen asleep at the wheel while their resources get hijacked for malicious purposes.
📣 In case you missed it: resharing a recent blog post on the rise of malicious activity and abuse reports linked to Traffic Distribution Systems (TDS) — infrastructure increasingly exploited for phishing and other malicious campaigns. 🎣 You'll learn: - How TDS are being abused - Why they’re so hard to take down - What we can do together to fight back 📖 Read the full blog here 👉
On November 12, around 250 physical servers were seized by the Dutch police at two datacenters in the Netherlands 👉 We assess the unnamed #bulletproofhosting provider (BPH) is CrazyRDP, a major #cybercrime hub previously operating front companies such as 🇺🇸 Delis LLC (AS211252), 🇺🇸 Limenet LLC (AS394711) and, most recently, 🇺🇸 Sovy Cloud Services (AS401110) and its downstreams (all incorporated in 🇺🇸 as well): ... ⤵️ 1/2