Spamhaus Calls Out Verizon for Routing 4 Million Stolen IP Addresses

January 15, 2016
By: John Casaretto

Spamhaus is an organization dedicated to fighting spam. This international not-for-profit organization compiles block lists with the IP addresses of known spammers. The information and spammer names are collected by volunteers around the world.

In an interesting report that emerged this week, the Spamhaus pointed its finger squarely at Verizon as an unwitting aid to cybercriminal organizations. Spamhaus called out the company in reports that say the internet service provider is routing as many as four million stolen IP addresses through its networks. This is significant because cyber criminals use stolen IP addresses in order to spam people from an ever-evolving base of sources and evade spam protections.

Here’s how it should work: organizations that are found to be spammers are supposed to be kept from obtaining new IP addresses to spam from. This is a sort of sanctity mechanism that is supposed to be in place. Unfortunately, the reality is that cybercriminals circumvent many of the elements that are put in place to deter their efforts, including IP address banning. The accusation is that the stolen IP addresses are acquired through maneuvering around the information validation that should stop the registration of these IP addresses. The ruse is being executed through a registration system that is autonomous in nature, and apparently Verizon (News - Alert) is not properly checking out the information that comes through it. According to Spamhaus, registration information that is coming through should have raised suspicions based on a number of factors.  At the top of the list of red flags are the source the source of the stolen IP addresses. Some come from the United States, but others come from Hong Kong, Korea, and China. Verizon has reportedly been assigning IP address blocks on a regular basis to Asia Pacific regions, which has raised great concerns in the spam community. 4 million IP addresses are nothing to sneeze at.

It is interesting that Verizon is the source for one of the industry’s biggest cybersecurity reports yet they may be unknowingly contributing to some of these issues. As a leader in the cause of security issues, these accusations, if true, hopefully are no more than an egregious oversight. Spamhaus has reportedly been informing Verizon of these issues since July of 2015. Apparently little has been done to allay these concerns, but various statements put out by Verizon in response to the Spamhaus accusations reinforce Verizon’s commitment to combat internet abuse. 




Edited by Kyle Piscioniere