Hello folks, Before you shoot me with 'wrong mailing list' replies, believe me, I tried, THNOG is dead, APNIC ain't responding either and the ISP's over there don't seem to care much. And I've been looking at this situation for over 2 years now since first incident. I simply hope that with the contacts you folks have due to your professions to be able to help. So, I came across this botnet which decided to pick my IRC network as control center, and I have been digging into them. It turns out that in Thailand, people can easily get cloned modems in order to internet for 'free', it simply boils down to mac cloning, so let me spare you the details. The problem is that these modems also carry a digital STD in the form of additional botnet code, allowing the controllers to do, well, botnet stuff. I disabled their ability to control by glining everything on join to the control channel, and since I am maintainer of DroneBL, add them to the blacklist. Doing that for 2+ years now. The amount of removal requests because people no longer are able to play on cncnet is amazing. My question here kinda is, how to permanently get rid of this evil in an effective way, and who to contact? (yes, I tried to get through to NOC's of the affected providers), or could perhaps someone be so nice to use one of their contacts in Thailand to speed things up? Kind regards, Alexander Maassen Maintainer DroneBL