Author Topic: Criminals: AS56860 ELETTROGRAF SC ELETTROGRAF SRL  (Read 3261 times)

0 Members and 1 Guest are viewing this topic.

June 30, 2011, 03:52:44 am
Read 3261 times

MysteryFCM

  • Administrator
  • Hero Member

  • Offline
  • *****

  • 1693
  • Personal Text
    Phishing Phanatic
    • I.T. Mate
Quote
What do you do when you need lots of IPs to house your fake meds and other criminal sites? Use botnets? compromised sites/servers? That's certainly what the bad guys involved in exploits, malware and other badness like to do.

Of course, another favourite of the bad guys, is to set up their own ASNs, complete with batches of IPs and IP ranges, to house their criminal activities. This is exactly what AS56860 have done. They've gotten themselves (so far) 2 /24's that are housing badness including fake meds sites and fake watches sites and the likes. The /24's?

95.64.34.0/24
188.229.95.0/24

Just looking at 188.229.95.0/24 alone, shows a plethora of fake meds sites, alot of which are being found in spam e-mails (and a huge thank you to the friend that's sending me these as the spammers don't seem to be sending me these particular ones).

http://hphosts.blogspot.com/2011/06/criminals-as56860-elettrograf-sc.html
Regards

Steven Burn
I.T. Mate / hpHosts
it-mate.co.uk / hosts-file.net

July 02, 2011, 06:16:08 pm
Reply #1

MysteryFCM

  • Administrator
  • Hero Member

  • Offline
  • *****

  • 1693
  • Personal Text
    Phishing Phanatic
    • I.T. Mate
Regards

Steven Burn
I.T. Mate / hpHosts
it-mate.co.uk / hosts-file.net