Malware Domain List

Malware Related => Malicious Domains => Zlkon.lv => Topic started by: sowhat-x on April 06, 2009, 03:23:12 pm

Title: hs.2-137.zlkon.lv (94.247.2.137)
Post by: sowhat-x on April 06, 2009, 03:23:12 pm
The fake AV sites of "MS Antispyware 2009"...
(note: links to the malware executables not active at the moment)

Quote
addantivirus.com
antispylinks.com
antispylist.com
antispywareup.com
antiviruscheckout.com
antivirusup.com
goldpcguard.com
etc etc...
Title: Re: hs.2-137.zlkon.lv (94.247.2.137)
Post by: SysAdMini on April 06, 2009, 03:58:43 pm
Interesting. Those urls have been already reported to me as Zlkon urls.
But they resolve to 64.191.12.38 for me, not to zlkon.
Title: Re: hs.2-137.zlkon.lv (94.247.2.137)
Post by: sowhat-x on April 06, 2009, 04:24:26 pm
Yeap,you're totally about this...same ip resolves from here,and it seems that most of the online reverse ip services,haven't yet updated their data.
Plus several domains that were more than active during middle-March,appear to be temporarily semi-defunct currently,
they're probably in need of decentralizing some of their "merchantize"...
Title: Re: hs.2-137.zlkon.lv (94.247.2.137)
Post by: SysAdMini on April 06, 2009, 04:26:55 pm
Should we delete this topic until we get a real 137 address ?
Title: Re: hs.2-137.zlkon.lv (94.247.2.137)
Post by: sowhat-x on April 06, 2009, 04:45:19 pm
...to be 100% precise,I quickly parsed almost of the 94.247.2.x - 94.247.3.x ips during last night,
and they've certainly killed/moved lots of stuff that had been spotted in public during the 3 last months...
From the 500 about ips,for at least the 400 complaints/details could be found just via merely googling...
So yeah,remove it,makes no difference after a certain point...after all,it's not that difficult to find dns records' history if needed ;)

So the shame now goes to...AS21788 - BurstNet Technologies Inc.,if they don't get these down before they re-activate:
http://www.robtex.com/ip/64.191.12.38.html

PS:That's kinda of funny,in a twisted sense of humour of course:
http://www.webhostdir.com/news/showNews.aspx?ID=10346

Title: Re: hs.2-137.zlkon.lv (94.247.2.137)
Post by: MysteryFCM on April 06, 2009, 06:13:11 pm
Still resolves to .137 :)

msantispyware2009.com