[anti-abuse-wg] Massive prefix theft in AFRINIC - attributed to an insider

In message <9c7d5885-f4e5-5c00-9523-bcc3a3b6a625 at efes.iucc.ac.il>, you wrote:

>Again, great work Ron!

Thanks much Hank.

I wish that I could get some journo in Israel to cover this, and maybe
go and put some questions to the man who ended up with most of this
looted IPv4 address space, i.e. a certain Mr. Elad Cohen (netstyle.co.il /
netstyleservers.com), a member in good standing of RIPE, of course.

I tried to make that happen, but got nowhere.
:-(

Oh well, I gues that there are some different corruption stories that
are getting all of the ink these days in Israel... just as there are
here in the U.S., at present, I'm sorry to say.

There's yet another member in good standing of RIPE whose fingerprints
are also all over this mess.  I'll just have to hope that eventually
Interpol or Europol might take an interest in this case and maybe start
asking these guys some rather pointed questions about it all.

That's the only hope, I'm afraid.  I'm frankly not in the least bit
persuaded that RIPE will ever demonstratably give a shit about any of
this.  The last time I looked, the various folks, mostly Russian, who
were running the networks responsible for the massive `3ve' clickfraud
scam... which I had also publicly outted before LE caught up to them...
were also all still members in good standing of RIPE, and those guys
were formally indicted by the U.S. DoJ:

https://www.whiteops.com/press-releases/3ve-google-whiteops-online-fraud
https://www.justice.gov/usao-edny/pr/two-international-cybercriminal-rings-dismantled-and-eight-defendants-indicted-causing


Regards,
rfg


P.S.  This stuff that took place down in the AFRINIC region arguably
isn't even on-topic for this list and/or this WG.  It's kind-of like 
"meta-abuse", or some such thing.  Anyway, this isn't our usual spammers
and/or hackers story.