According to internet security company VeriSign, RBN was registered as an internet site in 2006.
Initially, much of its activity was legitimate. But apparently the founders soon discovered that it was more profitable to host illegitimate activities and started hiring its services to criminals.[5]
The RBN has been described by VeriSign as "the baddest of the bad".[6] It offers web hosting services and Internet access to a wide range of criminal and objectionable activities, with individual activities earning up to $150 million in one year.[7] Businesses that take active stands against such attacks are sometimes targeted by denial of service attacks originating in the RBN network.[6] RBN has been known to sell its services to these operations for $600 per month.[4]
The business is difficult to trace. It is not a registered company, and its domains are registered to anonymous addresses. Its owners are known only by nicknames. It does not advertise, and trades only in untraceable electronic transactions.[6]
One increasingly known activity of the RBN is delivery of exploits through fake anti-spyware and anti-malware, for the purposes of PC hijacking and personal identity theft.[8] McAfee SiteAdvisor tested 279 “bad” downloads from malwarealarm.com, mentioned in the Dancho Danchev referenced article, and found that MalwareAlarm is an update of the fake anti-spyware Malware Wiper.[9] The user is enticed to use a “free download” to test for spyware or malware on their PC; MalwareAlarm then displays a warning message of problems on the PC to persuade the unwary web site visitor to purchase the paid version. In addition to MalwareAlarm, numerous instances of rogue software are linked to and hosted by the RBN.[10]
According to a since closed Spamhaus report, RBN is “Among the world's worst spammer, malware, phishing and cybercrime hosting networks. Provides 'bulletproof hosting', but is probably involved in the crime too”. Another Spamhaus report states, "Endless Russian/Ukrainian funded cybercrime hosting [at this network]."[11] October 13, 2007, RBN was the subject of a Washington Post article,[12] in which Symantec and other security firms claim RBN provides hosting for many illegal activities, including identity theft and phishing.