IDG News Service - As Demand Media gears up for its initial public offering, anti-spam advocates and online crime fighters say that the company needs to clean up its act.
In a report, released late Tuesday, HostExploit, a volunteer badware-tracking group, found that Demand Media's Internet service provider (ISP) business is hosting an abnormally large number of malicious Web pages, and far too many of the command-and-control servers that are used to send directions to hacked computers.
In fact, HostExploit currently ranks Demand Media as the worst ISP in the world, a ranking that's based on how the ISP is used to distribute spam and malicious software.
Demand Media is best known as the operator of low-cost Web sites such as eHow, LiveStrong.com, and Cracked. But it also runs the world's second-largest domain name registration business, and sells Web hosting services too, through brands such as eNom.
Like all service providers Demand Media has to deal with scammers abusing its network. The criminals register domains or rent servers to host their scam Web sites -- often doing this through other companies that resell Demand Media's services. The criminals will hack legitimate customers and use their servers, too. For ISPs, staying on top of this fraud is just part the business, but some companies pull this off this better than others.
Over the past year, Demand Media has had a hard time keeping up with the criminals, cybercrime watchers said Tuesday.
For example, the number of botnet command and control servers hosted by Demand's services is now ten times what it was back in January, said Jart Armin the pseudonymous researcher who co-authored the HostExploit report. "This isn't something that they don't know about," he said. "This is just badness and they don't give a damn."
Demand Media has about the same amount of malicious activity on its networks -- relative to the company's size -- that HostExploit found on the notorious McColo Internet service provider two years ago, Armin said. "They've got a lot of the same characteristics," he said. After HostExploit and others drew attention to McColo's bad activity, it was dumped by its upstream service providers and eventually forced out of operation.
In the case of Demand Media, however, Armin and his fellow researchers hope to pressure the company to clean up its act.
Demand Media is no McColo. It's a large and successful company that filed for an initial public offering last Friday. Based on the expected strike price, Demand Media hopes to raise $125 million through the IPO. Some observers say that the company may be distracted as it looks to bring itself public. Smoking out criminal activity, after all, doesn't do much to boost profits.
Free Insider GuideCopyright © 1994 - 2013 Computerworld Inc. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of Computerworld Inc. is prohibited. Computerworld and Computerworld.com and the respective logos are trademarks of International Data Group Inc.
