What is bulletproof hosting?

Image

Youve heard of malware, ransomware, botnets, and the like. What you dont hear about is the technology behind these threats. These threats all have to come from somewhere, theyre not just out there...


You’ve heard of malware, ransomware, botnets, and the like. What you don’t hear about is the technology behind these threats. These threats all have to come from somewhere, they’re not just out there floating around on the internet- they have to be stored someplace. Since a majority of these threats are illegal in a lot of countries, this is where bulletproof hosting helps facilitate these threats.

To clearly understand what bulletproof hosting is, we should first take a step back and talk about regular hosting. A regular web hosting service is a company that operates a facility, usually what is referred to as a data

center, which contains massive amounts of servers. Everything on the Internet needs a place to live, and home is on these servers. Regular web hosting services provide space on a server, either owned or leased for use by customers. It also provides Internet connectivity so people can reach the websites and data hosted on those servers. Most of these services have strict policies regarding what can and cannot be stored on these servers.

How is Bulletproof Hosting Different from Regular Web Hosting?

Bulletproof hosting operations are similar to regular web hosting, however these companies are a lot more lenient about what can be hosted on their servers. It has somewhat of a “don’t ask, don’t tell” philosophy. Bulletproof hosting services are often found in countries with more relaxed laws about what type content is hosted on these servers, and also have less strict extradition laws, therefore making it easier to evade law enforcement. Due to the different laws in different countries, this creates a huge grey area that allow the owners to claim immunity to what their customers host.

A lot of the owners of these facilities take the approach that they are just a service for customers. Many of these hosting servers have massive amounts on data on them, and it can be very difficult to track every move each customer makes. John Karlung of Banhoff Hosting states that his service is like the postal service—“a mailman doesn’t read the mail, he just delivers it.” He claims that his hosting is a legitimate law abiding service, and that any nefarious activity lies with his customers. He is also an advocate for privacy for his customers, and requires a formal warrant to remove any of his servers.

What Kind of Threats Reside on These Servers?

Malware Execution:

Exploit Kits These servers can host exploit kits, which are malicious toolkits that attackers use to help exploit a computer. The kits are methods of injecting malware onto an unsuspecting user’s machine via software vulnerabilities.

Botnet Command and Control Centers A botnet command and control center is the master controller of a botnet. Botnets are computers infected by malware that allow the hacker to gain control in order to send out spam, malware, spyware and control other computers, turning them into another bot in the group.

Nefarious Storage Services:

Data Stashes They can also store stolen data that has been obtained via data breaches, corporate espionage, credit card databases and more. It is safer to store this type of data in one of these servers for a few reasons. These data havens usually have backup systems in place and are extremely secure. Additionally, in the event that the cybercriminal were apprehended, the authorities will not find the data stored on their personal equipment.

Malware Storage Hackers can store their entire malware and tool library on these remote servers, as these servers provide larger storage options than a home computer.

Black Market Websites People can also host “hidden” websites on these servers. These sites host pornography, online gambling, and black market websites on the deep web. We spoke with an operator of one of these sites, and he stated that his site sells illegal items such as stolen PayPal accounts, hacking software, ransomware kits and tutorials. Other black market websites can have anything under the sun sold on them, such as credit card numbers, fake passports, drugs, illegal animals and even offer services such as hit men and hackers for hire.

Norton can also help you stay ahead of the threats with Norton Security.

Don’t wait until a threat strikes.

Security threats and malware lurk on Windows PCs, Macs, and Android and iOS devices. If you use more than one device – like most of us do – you need an all-in-one security suite. Meet Norton Security Premium.

Enjoy peace of mind on every device you use with Norton Security Premium.

Norton logo
  • Norton
Norton empowers people and families around the world to feel safer in their digital lives

Editorial note: Our articles provide educational information for you. Our offerings may not cover or protect against every type of crime, fraud, or threat we write about. Our goal is to increase awareness about Cyber Safety. Please review complete Terms during enrollment or setup. Remember that no one can prevent all identity theft or cybercrime, and that LifeLock does not monitor all transactions at all businesses. The Norton and LifeLock brands are part of Gen Digital Inc. 

Contents

    Want more?

    Follow us for all the latest news, tips and updates.