Info collector

More highly personalised malspam using hijacked domains

By on March 20, 2017 in Latest SPAM

Following on from this spam some weeks ago, another one comes in using a broadly similar technique of including the potential victim’s real home address while using apparently hijacked infrastructure (although in this case the hijacking isn’t so elaborate).

From: customerservice@newshocks.com [mailto:customerservice@newshocks.com]
Sent: 15 March 2017 18:23
Subject: [Redacted] Your order 003009

Pump and dump spam: Incapta Inc (INCT)

By on March 20, 2017 in Latest SPAM

It’s been a long time since I’ve seen a pump-and-dump spam run illegally pushing a stock as hard as this:

From:
To:
Date: 20 March 2017 at 09:30
Subject: This stock is about to receive a buy out at 10 times its current market price…

Dear Subscriber,
It’s been a long time since I sent you my special newsletter containing […]

alegroup.info (2017/03/20_10:13)

By on March 20, 2017 in Malware Domains

Host: alegroup.info/ntnrrhst, IP address: 194.87.217.87, ASN: 197695, Country: RU, Description: Ransom, Fake.PCN, Malspam

fourthgate.org (2017/03/20_10:13)

By on March 20, 2017 in Malware Domains

Host: fourthgate.org/Yryzvt, IP address: 104.200.67.194, ASN: 8100, Country: US, Description: Ransom, Fake.PCN, Malspam

dieutribenhkhop.com (2017/03/20_10:13)

By on March 20, 2017 in Malware Domains

Host: dieutribenhkhop.com/parking/, IP address: 84.200.4.125, ASN: 31400, Country: DE, Description: Ransom, Fake.PCN, Malspam

dieutribenhkhop.com (2017/03/20_10:13)

By on March 20, 2017 in Malware Domains

Host: dieutribenhkhop.com/parking/pay/rd.php?id=10, IP address: 84.200.4.125, ASN: 31400, Country: DE, Description: Ransom, Fake.PCN, Malspam

ssl-6582datamanager.de (2017/03/14_23:02)

By on March 14, 2017 in Malware Domains

Host: ssl-6582datamanager.de/, IP address: 54.72.9.51, ASN: 16509, Country: US, Description: redirects to Paypal phishing

privatkunden.datapipe9271.com (2017/03/14_23:02)

By on March 14, 2017 in Malware Domains

Host: privatkunden.datapipe9271.com/, IP address: 104.31.75.147, ASN: 13335, Country: US, Description: Paypal phishing

www.hjaoopoa.top (2017/03/06_21:09)

By on March 6, 2017 in Malware Domains

Host: www.hjaoopoa.top/admin.php?f=1.gif, IP address: 52.207.234.89, ASN: 14618, Country: US, Description: Cerber ransomware

up.mykings.pw:8888 (2017/03/06_21:09)

By on March 6, 2017 in Malware Domains

Host: up.mykings.pw:8888/update.txt, IP address: 60.250.76.52, ASN: 3462, Country: TW, Description: related to a Mirai windows spreader trojan

All of these posts originated on blog.dynamoo.com, us-cert.gov and malwaredomainlist.com and are automatically reposted on colors.cbnetsecurity.com.