Spyware Sucks
“There is no magic fairy dust protecting Macs" – Dai Zovi, author of “The Mac Hacker’s Handbook"

Will the real TBWA Worldwide please raise their hand…

December 2nd 2010 in Uncategorized

Treat this domain with extreme caution please…

tbwaagency.com
ICANN Registrar: Melbourne IT DBA Internet Names Worldwide
Registered 14 November 2010

IP: 67.195.145.141 – Yahoo

Registrant: John Mcneel

 

tbwaagency.com claims to be "TBWA Worldwide, Division of Omnicom Group", but according to the Omnicom Group web site, the URL for TBWA is www.tbwa.com, not "tbwaagency.com".


One comment to...
“Will the real TBWA Worldwide please raise their hand…”

David M

Sandi, I have to wonder if these same characters wer also involved in the latest Malicious Ads that hit the DOUBLECLICK & MSN Ad networks as they used a domain name “close” another Ad Medai companies original name. They used a variation on the http://www.ADShuffle.com domain, the bad guys used http://www.ADShufffle.com

You can find more on it in a story at the link below:
http://threatpost.com/en_us/blogs/major-ad-networks-found-serving-malicious-ads-121210


adservingmediagroup.com ICANN REgistrar: BIZCN.com Created 7 November 2010 IP: 112.137.162.171 – Kuala Lumpur Registrant: NewCompany ltd (moonbeam@konocti.net) (address associated with 108 domains) Shares IP with adservingmedia.org, bubaiwangchao.com, cc-shop.com, includejoomla.com, Tl177.com, windowsupdatechecker.com ***** sheralli.com ICANN Registrar: BIZCN.COM [...]

Previous Entry

I think it is worthwhile to make some observations about comments/assumptions in the two articles I have seen so far about the ICQ incident. First, the securelist.com article: “The interesting thing about these cases is that the users were getting fake anti-virus browser pop ups while not actively using the computer. During our [...]

Next Entry