Malware Domain List

Malware Related => Tools of the trade / Internet News => Topic started by: MysteryFCM on July 23, 2009, 10:37:17 am

Title: DirectI: A return to old form?
Post by: MysteryFCM on July 23, 2009, 10:37:17 am
Quote
Have DirectI returned to old form again, or is this just a coincidence?

http://msmvps.com/blogs/spywaresucks/archive/2009/07/22/1704910.aspx

The screenshot above left, shows a domain used in an exploit campaign, registered via DirectI. Then of course, there's this lot (all exploit domains so DO NOT LOAD IN A BROWSER!), all of which resolve to:

IP: 78.47.25.168
PTR: static.168.25.47.78.clients.your-server.de
Desc: FastVPS Ltd, St Petersburg, Russia

Read more
http://hphosts.blogspot.com/2009/07/directi-return-to-old-form.html
Title: Re: DirectI: A return to old form?
Post by: MysteryFCM on July 23, 2009, 03:34:15 pm
http://hphosts.blogspot.com/2009/07/directi-update.html