Many cybercriminal operations have some level of organization, planning, and some form of foundation that reflects the technical acumen of the individual or group behind them. The use of underground infrastructure is inherent to the modus operandi of a cybercriminal. In our Underground Hosting series, we have differentiated how cybercrime goods are sold in marketplaces and what kinds of services are offered. In this final part of the series, we will explore the methods criminals employ to secure their assets and survive in the business.
Criminal sellers use different mechanisms to protect their businesses. The offerings of these “businesses” are often suited to the respective requests and demands of the criminals. Bulletproof hosting (BPH) services, also known as abuse-resistant services, and in some cases, offshore hosting, usually comprises compromised assets and infrastructures with a high level of resistance to abuse. Providers often offer customer support by sharing early notifications of abuse requests and even automatically moving servers to another IP space.
Source: Trend Micro