Malware Domain List

Malware Related => Tools of the trade / Internet News => Topic started by: MysteryFCM on June 30, 2011, 03:52:44 am

Title: Criminals: AS56860 ELETTROGRAF SC ELETTROGRAF SRL
Post by: MysteryFCM on June 30, 2011, 03:52:44 am
Quote
What do you do when you need lots of IPs to house your fake meds and other criminal sites? Use botnets? compromised sites/servers? That's certainly what the bad guys involved in exploits, malware and other badness like to do.

Of course, another favourite of the bad guys, is to set up their own ASNs, complete with batches of IPs and IP ranges, to house their criminal activities. This is exactly what AS56860 have done. They've gotten themselves (so far) 2 /24's that are housing badness including fake meds sites and fake watches sites and the likes. The /24's?

95.64.34.0/24
188.229.95.0/24

Just looking at 188.229.95.0/24 alone, shows a plethora of fake meds sites, alot of which are being found in spam e-mails (and a huge thank you to the friend that's sending me these as the spammers don't seem to be sending me these particular ones).

http://hphosts.blogspot.com/2011/06/criminals-as56860-elettrograf-sc.html
Title: Re: Criminals: AS56860 ELETTROGRAF SC ELETTROGRAF SRL
Post by: MysteryFCM on July 02, 2011, 06:16:08 pm
Criminals part 2: AS56927 GOLDENIDEAS SC GoldenIdeas SRL
http://hphosts.blogspot.com/2011/07/criminals-part-2-as56927-goldenideas-sc.html