ComputerWorld: After an international take-down effort, a rogue ISP responsible for controlling large numbers of computers infected with data-stealing code is down for the moment, but it may be reconnecting with the Internet, according to security researchers. ... Troyak, which is believed to be based in eastern Europe, was knocked offline earlier this month after other networks supplying its connectivity to the Internet stopped carrying its traffic due to complaints it was complicit in cybercrime. ... Since then the network has fought a cat-and-mouse game with network providers in 12 countries and international law enforcement, according to Jart Armin, the pseudonymous editor of the Hostexploit.com Web site, which has been involved in the action. ... "Troyak is still fighting hard, as it is the only link to the outside Internet for a few [criminal groups]," he said in an e-mail interview. ... Troyak and another ISP, Group 3, provided connectivity for 90 of 249 servers used to control Zeus, a sophisticated piece of malware that steals financial credentials and other data. Group 3 has also been disconnected. ... At this point, Troyak's reputation is so sullied that it is becoming difficult for it to find other ISPs to carry its traffic on the Internet.
Read more ...