Security researchers have found that Bitcanal hijacks millions of IPv4 addresses and then sells or leases them to spammers to send spam. Most of the hijacked routes to Bitcanal’s IP address belong to organizations that no longer exist today, but many hijacked addresses are assigned to still active organizations, including the US Department of Defense.
Ron Guilmette, an anti-spam activist, an independent security researcher described Bitcanal’s suspicious activity on the NANOG mailing list on June 25th, asking why the company’s upstream network operators continued to hijack BGP routes. The discussion eventually led to Bitcanal. The upstream ISP terminated its cooperation with the company
