The notorious Portuguese hosting company Bitcanal was kicked out of the internet. Bitcanal has accused of helping spammers hijack IP segments for years, and its six upstream bandwidth providers have now decided to sever cooperation with the company. Because BGP works, a malicious attacker can declare some unused IP segments to the entire Internet to their hosting facilities. If there is no objection, then these IP segments will fall into the hands of the hijackers.
Security researchers have found that Bitcanal hijacks millions of IPv4 addresses and then sells or leases them to spammers to send spam. Most of the hijacked routes to Bitcanal’s IP address belong to organizations that no longer exist today, but many hijacked addresses are assigned to still active organizations, including the US Department of Defense.
Ron Guilmette, an anti-spam activist, an independent security researcher described Bitcanal’s suspicious activity on the NANOG mailing list on June 25th, asking why the company’s upstream network operators continued to hijack BGP routes. The discussion eventually led to Bitcanal. The upstream ISP terminated its cooperation with the company
