Stories
Slash Boxes
Comments

SoylentNews is people

posted by martyb on Friday May 17 2019, @09:10PM   Printer-friendly
from the get-yours-now-before-they're-gone! dept.

The American Registry for Internet Numbers (ARIN) discovered a fraud scheme in late-2018 through which 757,760 IPv4 addresses worth between $9,850,880 and $14,397,440 were fraudulently obtained.

ARIN is a nonprofit corporation which distributes Internet number resources such as IPv4, IPv6, and Autonomous System numbers to organizations throughout the United States, Canada, and Caribbean and North Atlantic islands.

"On May 1, 2019, ARIN obtained a final and very favorable arbitration award which included revocation of all resources issued pursuant to fraud and $350,000 to ARIN for its legal fees," says a press release issued by ARIN on May 13.

ARIN was able to uncover and revoke the IPv4 addresses obtained through the fraud scheme following the arbitration [PDF] in the U.S. District Court for the Eastern District of Virginia, with the individual and the company behind the scheme being charged in federal court in a twenty-counts of wire fraud indictment.

As a Department of Justice (DoJ) press release issued today says, the two accused parties "created and utilized 'Channel Partners,' which purported to consist of several individual businesses, all of whom acquired the right to IP addresses from the American Registry of Internet Numbers (ARIN)."

Source: BleepingComputer


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 5, Interesting) by pipedwho on Friday May 17 2019, @11:43PM (3 children)

    by pipedwho (2032) on Friday May 17 2019, @11:43PM (#844880)

    The problem is these will be sold back out to ISPs and companies. Meanwhile, all the IP blocking lists in various corporate and web site firewalls will continue to block them. Sucks to be the recipients of these IPs. The problems will generally resolve itself after a couple of years. For a good couple of years, my (closed relay) SMTP server (although not on any official blacklists) would be blocked for no obvious reason by random recipients. When I got it, it was on every blacklist out there, and I had to send many emails to get it removed. My static IP still gets blocked by certain websites (usually random forums here and there) - even though I've had it for over 5 years. It must be because of all the blacklisting it had before I got it. Too many lazy sys admins never bother properly maintaining their block lists. I use a privately hosted VPN most of the time anyway, so it doesn't really affect me these days.

    But, the way lazy corporates block things, I can see being allocated one or more of the these 'reappropriated' IPs will be a bit of a poisoned pill for the recipients.

    Starting Score:    1  point
    Moderation   +3  
       Interesting=2, Informative=1, Total=3
    Extra 'Interesting' Modifier   0  
    Karma-Bonus Modifier   +1  

    Total Score:   5  
  • (Score: 5, Informative) by edIII on Saturday May 18 2019, @12:42AM (2 children)

    by edIII (791) on Saturday May 18 2019, @12:42AM (#844893)

    THIS.

    I've had to argue with dipshit sysadmins about removing an entire network from their blocklists. An end user was complaining that from their wifi connection they could not hit this customer web portal, but from their phone they could. What was hilarious is that there are several networks the customer could be routed out from, and only one was blocked. I could see the website, but by changing some routing, I could see the block.

    Took me working my way up the corporate ladder a ways before I got a suit to force the sysadmin to allow this one network again. Those assholes acted like it wasn't a problem and one of them even said, "Yeah, but he can just use his phone". Meanwhile, the service being offered looks like shit to the customer because they don't understand what is going on, or why the discrimination exists. The fact the discrimination exists is a legitimate reason to suspect our service and want to change.

    That means revenue shifting from a small company to the big entrenched ones that those sysadmins wouldn't *dare* to add to the blocklist. Same way that regardless of whatever bullshit is going on with Google, you can't block Google mail servers from communicating with you. Ever.

    --
    Technically, lunchtime is at any moment. It's just a wave function.
    • (Score: 5, Interesting) by krishnoid on Saturday May 18 2019, @01:32AM

      by krishnoid (1156) on Saturday May 18 2019, @01:32AM (#844897)

      "You have 24 hours to live. The location of the antidote is described in a file from three hosts on a network which you must access from inside your company." Ooh, and for better effect, you need to take a dose of the antidote periodically, and it moves around weekly.

    • (Score: 3, Interesting) by pipedwho on Saturday May 18 2019, @10:38AM

      by pipedwho (2032) on Saturday May 18 2019, @10:38AM (#844978)

      So true. At one of the companies I contract for, when I'm on their premises I need to access their network. But, they block standard POP, IMAP, SMTP, and OpenVPN ports. I can't even check my emails without punching holes through their firewall. I have a combination of SSH port forwards and HTTPS SSL based VPN routes just to be able to simultaneously use their servers and still get my email. It's such a farce. They even have a CISCO box that tries to middle-man HTTPS connections. Fortunately, I have a separate Virtual Machine I can use to access their local servers that has the trust certificates, while the host doesn't trust their corporate certs, so can't be middle-manned.

      Meanwhile, everyone just uses Google Drive or one of the less savoury file sharing sites to transfer files externally, or tethers to their phone to get around the firewalls. A massive waste of time, and does nothing but annoy people. It doesn't help that internal IT support is handled by a company in India. It can take a week to get access to a file that you're supposed to be using, when it would literally be a 10 second job for someone locally. But, hey, those Indians have full admin rights and can pretty much get to any file on any system if they knew what they were doing. Security theatre isn't just for the TSA.