Info collector

cristian

More highly personalised malspam using hijacked domains

By on March 20, 2017 in Latest SPAM

Following on from this spam some weeks ago, another one comes in using a broadly similar technique of including the potential victim’s real home address while using apparently hijacked infrastructure (although in this case the hijacking isn’t so elaborate).

From: customerservice@newshocks.com [mailto:customerservice@newshocks.com]
Sent: 15 March 2017 18:23
Subject: [Redacted] Your order 003009

Pump and dump spam: Incapta Inc (INCT)

By on March 20, 2017 in Latest SPAM

It’s been a long time since I’ve seen a pump-and-dump spam run illegally pushing a stock as hard as this:

From:
To:
Date: 20 March 2017 at 09:30
Subject: This stock is about to receive a buy out at 10 times its current market price…

Dear Subscriber,
It’s been a long time since I sent you my special newsletter containing […]

alegroup.info (2017/03/20_10:13)

By on March 20, 2017 in Malware Domains

Host: alegroup.info/ntnrrhst, IP address: 194.87.217.87, ASN: 197695, Country: RU, Description: Ransom, Fake.PCN, Malspam

fourthgate.org (2017/03/20_10:13)

By on March 20, 2017 in Malware Domains

Host: fourthgate.org/Yryzvt, IP address: 104.200.67.194, ASN: 8100, Country: US, Description: Ransom, Fake.PCN, Malspam

dieutribenhkhop.com (2017/03/20_10:13)

By on March 20, 2017 in Malware Domains

Host: dieutribenhkhop.com/parking/, IP address: 84.200.4.125, ASN: 31400, Country: DE, Description: Ransom, Fake.PCN, Malspam

dieutribenhkhop.com (2017/03/20_10:13)

By on March 20, 2017 in Malware Domains

Host: dieutribenhkhop.com/parking/pay/rd.php?id=10, IP address: 84.200.4.125, ASN: 31400, Country: DE, Description: Ransom, Fake.PCN, Malspam

ssl-6582datamanager.de (2017/03/14_23:02)

By on March 14, 2017 in Malware Domains

Host: ssl-6582datamanager.de/, IP address: 54.72.9.51, ASN: 16509, Country: US, Description: redirects to Paypal phishing

privatkunden.datapipe9271.com (2017/03/14_23:02)

By on March 14, 2017 in Malware Domains

Host: privatkunden.datapipe9271.com/, IP address: 104.31.75.147, ASN: 13335, Country: US, Description: Paypal phishing

www.hjaoopoa.top (2017/03/06_21:09)

By on March 6, 2017 in Malware Domains

Host: www.hjaoopoa.top/admin.php?f=1.gif, IP address: 52.207.234.89, ASN: 14618, Country: US, Description: Cerber ransomware

up.mykings.pw:8888 (2017/03/06_21:09)

By on March 6, 2017 in Malware Domains

Host: up.mykings.pw:8888/update.txt, IP address: 60.250.76.52, ASN: 3462, Country: TW, Description: related to a Mirai windows spreader trojan
