I applaud GLBX's move to disconnect Atrivo/Intercage.
What the Armin/McQuaid/Jonkman report  documented are activities
that many of us in the security community have known for a couple
One thing that Krebs _didn't_ mention in his WaPo article are the
large number of rogue DNS servers that also reside there. A couple
of colleagues, Feike Hacquebord, Chenguai Lu, et al., presented a
paper at the Virus Bulletin conference last year . While the
paper is almost a year old, that particular situation has gotten
My only concern here is that by the publicity this issue continues
to receive, these activities will just move else where, like
scurrying cockroaches (like what happened with AS40989).
One step at a time, I suppose.
- - ferg