Info collector

Archive for January, 2017

www.lifelabs.vn (2017/01/25_20:15)

By on January 25, 2017 in Malware Domains

Host: www.lifelabs.vn/api/get.php?id=aW5mb0BzYXBjdXBncmFkZXMuY29t, IP address: 118.69.196.199, ASN: 18403, Country: VN, Description: Trojan.Backdoor, Office.Word.Downloader

falconsafe.com.sg (2017/01/25_20:16)

By on January 25, 2017 in Malware Domains

Host: falconsafe.com.sg/api/get.php?id=aW5mb0BzYXBjdXBncmFkZXMuY29t, IP address: 43.229.84.107, ASN: 38532, Country: SG, Description: Trojan.Backdoor, Office.Word.Downloader

WARNING: pmacademyusa.org / “Project Management Academy USA”

By on January 23, 2017 in Latest SPAM

For the past six years I have been following the exploits of Patchree “Patty” Patchrint and Anthony Christopher Jones who claim to run a series of seminars on project management and grant writing. Umm.. and failed restaurants in Los Angeles. I’m not going to repeat all of the information in this post, I advise you […]

Malware spam: “The Insolvency Service” / “Investigations Inquiry Notification” / chucktowncheckin.com / chapelnash.com

By on January 19, 2017 in Latest SPAM

This malware spam is unusual in many respects. The payload may be some sort of ransomware [UPDATE: this appears to be Cerber]. From: The Insolvency Service [mailto:service@chucktowncheckin.com] Sent: 19 January 2017 12:22 Subject: EGY 318NHAR12 – Investigations Inquiry Notification Company Investigations Inquiry Informing You that we have received appeal regarding your company which

61kx.uk-insolvencydirect.com (2017/01/19_13:05)

By on January 19, 2017 in Malware Domains

Host: 61kx.uk-insolvencydirect.com/sending_data/in_cgi/bbwp/cases/Inquiry.php, IP address: 35.166.113.223, ASN: 16509, Country: US, Description: leads to ransomware

daralasnan.com (2017/01/19_13:05)

By on January 19, 2017 in Malware Domains

Host: daralasnan.com/wp-content/plugins/mkazaqbya/vmywyvz4.php, IP address: 166.62.12.1, ASN: 26496, Country: US, Description: leads to ransomware

www.studiolegaleabbruzzese.com (2017/01/19_13:05)

By on January 19, 2017 in Malware Domains

Host: www.studiolegaleabbruzzese.com/wp-content/plugins/urxwhbnw3ez/flight_4832.pdf, IP address: 62.149.142.206, ASN: 31034, Country: IT, Description: ransomware

raneevahijab.id (2017/01/19_13:05)

By on January 19, 2017 in Malware Domains

Host: raneevahijab.id/adnin/box/workspace/, IP address: 103.24.13.91, ASN: 132644, Country: ID, Description: phishing site

Scam: 01254522444, the fake BT engineer and 888DCA60-FC0A-11CF-8F0F-00C04FD7D062

By on January 12, 2017 in Latest SPAM

In the past few weeks I have seen a huge upsurge in the number of Indian tech support scammers ringing, both at home and my place of work. (For example.. this). One common trick they use revolves around this hexadecimal number 888DCA60-FC0A-11CF-8F0F-00C04FD7D062. Either it’s a signal that hackers are at your PC, or it’s your […]
