IDG News Service - As Demand Media gears up for its initial public offering, anti-spam advocates and online crime fighters say that the company needs to clean up its act.
In a report, released late Tuesday, HostExploit, a volunteer badware-tracking group, found that Demand Media's Internet service provider (ISP) business is hosting an abnormally large number of malicious Web pages, and far too many of the command-and-control servers that are used to send directions to hacked computers.
In fact, HostExploit currently ranks Demand Media as the worst ISP in the world, a ranking that's based on how the ISP is used to distribute spam and malicious software.
Demand Media is best known as the operator of low-cost Web sites such as eHow, LiveStrong.com, and Cracked. But it also runs the world's second-largest domain name registration business, and sells Web hosting services too, through brands such as eNom.
Like all service providers Demand Media has to deal with scammers abusing its network. The criminals register domains or rent servers to host their scam Web sites -- often doing this through other companies that resell Demand Media's services. The criminals will hack legitimate customers and use their servers, too. For ISPs, staying on top of this fraud is just part the business, but some companies pull this off this better than others.
Over the past year, Demand Media has had a hard time keeping up with the criminals, cybercrime watchers said Tuesday.
For example, the number of botnet command and control servers hosted by Demand's services is now ten times what it was back in January, said Jart Armin the pseudonymous researcher who co-authored the HostExploit report. "This isn't something that they don't know about," he said. "This is just badness and they don't give a damn."
Demand Media has about the same amount of malicious activity on its networks -- relative to the company's size -- that HostExploit found on the notorious McColo Internet service provider two years ago, Armin said. "They've got a lot of the same characteristics," he said. After HostExploit and others drew attention to McColo's bad activity, it was dumped by its upstream service providers and eventually forced out of operation.
In the case of Demand Media, however, Armin and his fellow researchers hope to pressure the company to clean up its act.
Demand Media is no McColo. It's a large and successful company that filed for an initial public offering last Friday. Based on the expected strike price, Demand Media hopes to raise $125 million through the IPO. Some observers say that the company may be distracted as it looks to bring itself public. Smoking out criminal activity, after all, doesn't do much to boost profits.
- Mobile First: Securing Information Sprawl Learn how the partnership between Box and MobileIron can help you execute a "mobile first" strategy that manages and secures both mobile apps...
- Cybersecurity Imperatives: Reinvent your Network Security The Rise of CyberSecurity
- Surescripts Case Study- Securing Keys and Certificates Surescripts implemented Venafi's Trust Protection Platform™ to secure digital keys and certificates, ensure the privacy and confidentiality of electronic clinical information for its...
- Ponemon 2014 SSH Security Vulnerability Report According to research by the Ponemon Institute, 3 out of 4 enterprises have no security controls in place for SSH which leaves organizations...
- Responding to New SSL Cybersecurity Threat The featured Gartner research examines current strategies to address new SSL cybersecurity threats and vulnerabilities.
- Deep Dive into Advanced Networking and Security with Hybrid Cloud Security and networking are among the top concerns when moving workloads to the cloud. VMware vCloud® Hybrid Service™ enables you to extend your... All Security White Papers | Webcasts
Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!