« previous next »
Pages: [1]   Go Down

Author Topic: DirectI: A return to old form?  (Read 2650 times)

0 Members and 1 Guest are viewing this topic.

July 23, 2009, 10:37:17 am
Read 2650 times

MysteryFCM

  • Administrator
  • Hero Member
  • Offline
  • *****
  • 1693
  • Personal Text
    Phishing Phanatic
    • I.T. Mate
DirectI: A return to old form?
Quote
Have DirectI returned to old form again, or is this just a coincidence?

http://msmvps.com/blogs/spywaresucks/archive/2009/07/22/1704910.aspx

The screenshot above left, shows a domain used in an exploit campaign, registered via DirectI. Then of course, there's this lot (all exploit domains so DO NOT LOAD IN A BROWSER!), all of which resolve to:

IP: 78.47.25.168
PTR: static.168.25.47.78.clients.your-server.de
Desc: FastVPS Ltd, St Petersburg, Russia

Read more
http://hphosts.blogspot.com/2009/07/directi-return-to-old-form.html
Logged
Regards

Steven Burn
I.T. Mate / hpHosts
it-mate.co.uk / hosts-file.net
July 23, 2009, 03:34:15 pm
Reply #1

MysteryFCM

  • Administrator
  • Hero Member
  • Offline
  • *****
  • 1693
  • Personal Text
    Phishing Phanatic
    • I.T. Mate
Re: DirectI: A return to old form?
Logged
Regards

Steven Burn
I.T. Mate / hpHosts
it-mate.co.uk / hosts-file.net
Pages: [1]   Go Up
« previous next »