Intercage – Spam/Malware Friendly ISP Back Online

The New Acunetix V12 Engine


There has been a big hoo-haa recently about a US ISP called Intercage who have said to have been harbouring spammers and scammers via their largest client an Eastern European webhost called Esthost.

Their plug got pulled 2 days ago by the upstream provider IP transit provider UnitedLayer after weeks of criticism from the community showing IP addresses under the management of Intercage were hosting a number of sites engaged in phishing, malware propagation, and other illegal activities.

It’s a pretty bold move by UnitedLayer..but Intercage and their website is back online now.

A day after security experts celebrated the death of a network provider accused of hosting a large concentration of the world’s cybercrime, California-based Intercage appeared to be among the living again.

IP transit provider UnitedLayer agreed to provide upstream service to Intercage about 36 hours after its last transit provider pulled the plug. UnitedLayer’s move, which is sure to prove unpopular in some circles, came after Intercage agreed to completely sever ties with Esthost, the Eastern European web host believed by many to be responsible for the lion’s share of abusive traffic carried by Intercage.

The dumping of Esthost, if true, would mark a major turning point for Intercage. Esthost, which according to many researchers hosts a large number of sites engaged in phishing, malware propagation, and other illegal activities, has relied on Intercage since 2004 and is responsible for 25 percent to 50 percent of its revenue, according to Intercage president and owner Emil Kacperski.

It looks like it’s going to hurt them with between a quarter and a half of their revenue coming from this one customer! They shouldn’t have put all their eggs in one basket, especially a malware ridden Eastern European basket.

I think Internet Exchanges and upstream providers need to be more vigilant about spam and malware propagation sites, if hosts refuse to sort the problem out – pull the plug!

For its part, UnitedLayer officials said they thought long and hard about the decision to take on Intercage as a customer, and based on the promises they got, they decided it made sense.

“We have been assured by Emil and Intercage that the customer in question that caused this firestorm has been removed,” said UnitedLayer COO Richard Donaldson. “And we have said very unequivocally to Emil that when and if factual evidence is provided to us that puts him in violation of our AUP (acceptable use policy)…then we will terminate them like we would any other client.”

Over the past few weeks, the Intercage saga has at times resembled the wild west, where justice is meted out by an informal network of power brokers rather than duly appointed officials. Given the frequent inability of today’s law enforcement in overcoming a rat’s nest of extra-territorial and technical issues, this form of frontier justice is probably unavoidable. And in any case, the vast majority of the white hats manning the system are honest and have netizens’ best interests at heart.

There is definitely a potential for abuse here and it’s something that needs to be watched. More people need to take time to submit abuse reports, headers and IP addresses to the upstream providers, data centers and hosts involved.

Some may not know what the sites on their network are doing, some may actually be hacked, and some may be complicit with the spammers – but either way people need to report!

It’s an interesting story and definitely one to watch, let’s just hope no-one starts to abuse this with RIAA take-down notices etc.

Source: The Register

Posted in: Legal Issues, Malware, Spammers & Scammers

, , , , , ,


Latest Posts:


Acunetix Vulnerability Scanner For Linux Now Available Acunetix Vulnerability Scanner For Linux Now Available
Acunetix Vulnerability Scanner For Linux is now available, now you get all of the functionality of Acunetix, with all of the dependability of Linux.
Gerix WiFi Cracker - Wireless 802.11 Hacking Tool With GUI Gerix WiFi Cracker – Wireless 802.11 Hacking Tool With GUI
Gerix WiFi cracker is an easy to use Wireless 802.11 Hacking Tool with a GUI, it was originally made to run on BackTrack and this version has been updated for Kali (2018.1).
Malcom - Malware Communication Analyzer Malcom – Malware Communication Analyzer
Malcom is a Malware Communication Analyzer designed to analyze a system's network communication using graphical representations of network traffic.
WepAttack - WLAN 802.11 WEP Key Hacking Tool WepAttack – WLAN 802.11 WEP Key Hacking Tool
WepAttack is a WLAN open source Linux WEP key hacking tool for breaking 802.11 WEP keys using a wordlist based dictionary attack.
Eraser - Windows Secure Erase Hard Drive Wiper Eraser – Windows Secure Erase Hard Drive Wiper
Eraser is a hard drive wiper for Windows which allows you to run a secure erase and completely remove sensitive data from your hard drive by overwriting it several times with carefully selected patterns.
Insecure software versions are a problem Web Security Stats Show XSS & Outdated Software Are Major Problems
Netsparker just published some anonymized Web Security Stats about the security vulnerabilities their online solution identified on their users’ web applications and web services during the last 3 years.


4 Responses to Intercage – Spam/Malware Friendly ISP Back Online

  1. Morgan Storey October 7, 2008 at 4:56 am #

    Anyone got a list of their ip blocks… drop x.x.x.x/16 :)

  2. terrery October 7, 2008 at 11:44 am #

    ”There is definitely a potential for abuse here and it

  3. Morgan Storey October 7, 2008 at 10:35 pm #

    If intercage is anything like the previous Russian Business Network, it will take these reports of abuse and file them straight in the bin.

  4. SpikyHead October 8, 2008 at 12:45 am #

    @terrery
    “i strongly believe if someone notice abuse of website