There’s been a nasty bug prowling the ‘Net of late, and it works by using a site’s own Search Engine Optimization (SEO) practices against it. Ars takes a look at the iFRAME injection campaign and the organization behind it. As Ars Technica points out:

The launchpad for these various malware campaigns is our old friend, the Russian Business Network. According to Danchev, earlier reports of the network’s demise have been greatly exaggerated. Faced with dwindling functionality thanks to security policies that prevented traffic from reaching IP addresses associated with the RBN, the company divided itself, sought new service providers, and is back in business. Many of the codec downloads and false website fronts active in the above attacks trace directly back to RBN addresses.

Interesting view on this twist from a Ars’ forum discussion:

I was 18 when the Berlin wall fell. States colonized by the former USSR were freed and democracy was put in place. I hoped for a better future for Russia. Since then, they have turned authoritarian, abused nations around them, threatened the world with missiles that can penetrate defense systems, poisioned and shot dissidents, and allowed a large organized crime sector to operate.I know my response isn’t technical, nor even helpful, but I couldn’t help but express my sadness over all this. When you see a great threat removed, especially as a teenager, you hope for the best, but I guess we aren’t going to see much good news from Russia for a long time.

It is, indeed, sad that instead of business partnership some Russian companies are trying to establish themselves as a highway robbery corporations.

Russian court found the owner of AllOfMP3 not guilty of breaching the copyright. Now, if I can only go to Russia and open a video store, something like AllOfDivX…

Given how much publicity the case with Russian teacher Ponosov got (here’s the link to the latest on Wired) I think I also have to shed some light on it, given that most people don’t really understand what’s really going on. However, bear in mind – I am not a lawyer, so whatever you may find below is my personal perception based on knowing the situation in Russia just a bit better then folk on this side of ocean.

Is a nutshell – the principal (called director of school, basically the administrator who runs whole 11-grades establishment between kindergarten and university/college) got apprehended by Russian authorities for having a classroom with computers without Windows licenses on them. As the case unfolded, it was established (judging by information from public sources) that he bought computers with Windows already preinstalled.

Now, this is a spot where I need to stop and make some things clear. Most of schools in Russia don’t have computers, let alone money to pay for the software. However, as it was uncovered in this case, the problem was that Ponosov allegedly bought computers from some third-party that installed unlicensed copies.of operating system. Where did the difference in money go, of course, was not disclosed. Again, it wasn’t Microsoft who chased the guy, it was Russian authorities for good solid reason.

Next thing you know – Mikhail Gorbachev (when did he surfaced?) asks Bill Gates to intervene, Putin is personally overseeing the process, Microsoft (as always) gets all the blame, Ponosov claims he’s not guilty even after he was offered to settle things outside of the court and then – boom!, case dismissed.

Now why would anybody want to have a process like that? Personally, I see several goals of such thing, even though at first glance the whole thing looks like an exercise in moronity:

• Putin shows to the world that he fights piracy in his country. The fact that in real life in Russia nobody cares about piracy is somehow gets forgotten. No, really, you think someone with salary around $200 – $500 a month could afford buying an OS that costs about that? Plus the Office? Especially when pirated copies cost around $5 – $10 per CD with every possible version of Windows on it? Give me a break.
• (whoever was behind this idea) got the message out very loud and clear – stop using Windows proprietary/commercial in Russia. Why? Because you never know if and when authorities will come after you. However, with Linux/OpenOffice combo, there are no licensing fees to pay, no restrictions, therefore it’s just plain safe to use.
• this puts additional pressure on software companies that sell their products in Russian market to lower the price. Not because Russian companies cannot afford it, but because Russian consumers don’t want to pay for it. In simple language – they wouldn’t buy the product if there is any way they can steal it. Practically no amount of meetings, agreements and even discounts would change that type of psychology any time soon. Of course, with larger companies the situation is different, but on the end-consumer market it is considered plain old idiocy to pay for Windows.

First two bullet points are pretty obvious to anyone who have been following (anti)piracy news from Russia. Third one has a very long history, which I have neither time nor wish to go through. Just to summarize the whole thing – it seems very interesting how Russian-produced PR actions get a lot of people very emotional. Looks like they got some kind of gurus back there in Moscow. Nice job, guys.

Don’t you just love people who are about to social engineer you having no skills and being very stupid? I mean – everyone can fall for a lier if he’s good at it, but some morons lack brains and talent, yet they try to persuade you they’re legit.

Here’s this guy how have been on and off sending me “hello” and “hi” and “can I ask you a question” over and over. Didn’t seem like he needed an answer, so I didn’t mind. I get that a lot.

So yesterday at night he finally managed to talk to me. He asks if he can get a free hosting account. I suggest that he sends the letter through the web form so we can review it. So he does, but it’s not a paid account and it’s 3:12am on a clock, so I decide to look at his letter next day (i.e. today).

Which I certainly did, paid or not, he’s a potential client, so I must pay him due respect unless proven that he’s a fraud. So I went to all his web sites that he sited in his e-mail. First one was empty folder (not even index.html) on something like 1234.net.ru This triggered the alarm, since as far as I know .ru zone belongs to Russia and people there prefer to use free hosting resources of their own country (it has to do with providers paying for traffic from abroad – long story). Then there was a passage that I simply loved. The large red siren blared over my head “Social engineering shmuck is on the way!”. It was so hilarious, I can’ thelp but cite it all here – for all the people who read this. This is dumb!

“And my current website is http://*****.info

I will upload great templates and images to the good hosting and I wish you could wise enough to reply me.”

I went to this site, that had some unspeakable bunch of letters .info. Given that you can get a .info domain for free these days, it didn’t really raised the caution, but added to the suspicion. There was an empty forum about some music, with approximately ten posts total. I thought – yeah, I can set up something like this in 10 minutes. And since it’s already set up – why would you need another hosting? But nevertheless, I kept looking.

At this time the guy went on IM again and accused me of lying on my web site. He said he went to other resource that lists free hostings and there is no feedback about us. My response was that a) we just started offering free hosting less then a month ago and b) he didn’t try us to say we’re lying. I also added that most of people who contacted us wanted to host for free because they were planning to set up illegal download sites. “I would never do that“- he said. Riiight. “If you were a good hoster,YOu may replyed my 2 letters and told me my application was denited,But you never did” - he said. Ah, here comes the mask of “almost angry customer”. At this point I was almost sure that he’s a fraud, given that his info from the e-mail listed “Address: BEijing Normal University,ZHuhai Campus,Uk“… Not sure about Zhuhai, but I doubt the Beijing is in UK… Then there was one last check. I went to whois info to see who owns the .info domain the guy wanted to use. Surprise!

Domain ID:D7724977-LRMS

Domain Name:******.INFO

Created On:12-Oct-2004 02:59:11 UTC

Last Updated On:15-Oct-2004 03:14:10 UTC

Expiration Date:12-Oct-2005 02:59:11 UTC

Sponsoring Registrar:R183-LRMS

Status:ACTIVE

Status:OK

Registrant ID:C6823054-LRMS

Registrant Name:dsfs

Registrant Organization:fs adfsa

Registrant Street1:d fsa

Registrant City:fsd

Registrant State/Province:sdf sd

Registrant Postal Code:24234

Registrant Country:VC

Registrant Phone:+1.24234

Registrant FAX:+1.23424

Registrant Email: hotadv@yahoo.com.cn

Given that the TLD .cn belongs to China, I know no respectable asian person would agree to name dsfs. I suggested that the person should look elsewhere, which he did, eventually, making it look like he was dissatisfied. Ofcourse he was, since his lies got exposed.