Spyware Sucks
“There is no magic fairy dust protecting Macs" – Dai Zovi, author of “The Mac Hacker’s Handbook"

Dear HP… that really isn’t a very helpful dialogue box…

March 31st 2012

Just saying…   The only way to get rid of the darned thing is to fire up Task Manager and shut down the HPWUCli.exe process (sigh)

Read On Comments Off

Bigpond phish

March 25th 2012

This email is NOT from Bigpond. Interestingly it seems to have been sent to the @bigpond.com email recipient using a compromised @bigpond.com user account. The source IP address, 180.215.155.152, is in India. If you reply to the email, your email actually goes to webaccountdept@w.cn: w.cn is registered to Xiamen Yi Network Technology Co., Ltd. The […]

Read On Comments Off

Lots of bad domains…

March 22nd 2012

Thank you to the source – you know who you are adpointroll.com – 85.93.18.197 adsturn.com – 85.93.18.198 adsvirginmobileusa.com – 85.93.18.200 advirginmobileusa.com – 85.93.18.200 advirginmobileusainc.com – 85.93.18.200 best-serving.com – 85.93.18.202 convertro.net – 85.93.18.201 cpmtrack.net ctrtrack-15.com – 85.93.18.198 daviselenserver.com – 85.93.18.194, 85.93.18.201 d1openx.com – 85.93.18.208 dlopenx.com – 85.93.18.201 hostcreati.com – 85.93.18.204 interclickctr.com – 85.93.18.198 impsserv.com – 85.93.18.203 […]

Read On 2 Comments

Impersonator domain – RepEquityinc.com

March 22nd 2012

RepEquityinc.com – reported as impersonating the legitimate domain RepEquity.com and claiming to represent RealtyTrac ICANN Registrar: BIZCN.COM Created 2 March 2012 IP: 64.120.234.197 Registrant: Fern Tindell (admin@repequityinc.com) Sharing IP address with 9 other domains: 1285.ru, blackseoworld.com, canstansa.com, earthclassmail-corporate.com, legalsklad.com, mansuetocorp.com, virtualpostmail.net. vvsmail.com, wbshop.biz Provided the following impersonator domains as references: sinclairgroup.us ICANN Registrar: TODAYNIC.COM Created […]

Read On Comments Off

BIZCN.COM has a headache…

March 22nd 2012
Read On Comments Off

Reported as being used for malvertizing – metsotr.com

March 22nd 2012

metsotr.com ICANN Registrar: BIZCN.COM Created 19 March 2012 IP: 85.93.18.205 Registrant: Alfred Steele (1@contrackcrt.com) Shares IP with contrackcrt.com ICANN Registrar: BIZCN.COM Created 19 March 2012 Registrant: Alfred Steele 1@contrackcrt.com

Read On Comments Off

Reported as being used for malvertizing – adsturn.com

March 22nd 2012

adsturn.com Note: do not confuse with the legitimate domain ads.turn.com ICANN Registrar: TODAYNIC.COM IP: 85.93.18.198 Created 9 March 2012 Registrant: Michael V Simpson (michaelvsimpson@gmail.com) Some digging brings up interclickctr.com sharing IP address ICANN Registrar: BIZCN.COM Created 9 March 2012 Registrant: INST Ads (cpmtrack@cpmtrack.net) cpmtrack.net ICANN Registrar: BIZCN.COM Created 9 March 2012 Registrant: INST Ads (cpmtrack@cpmtrack.net)

Read On Comments Off

Reported as being used for malvertizing – daviselenserver.com

March 22nd 2012

daviselenserver.com ICANN Registrar: BIZCN.COM Created 7 March 2012 IP: 85.93.18.201 Registrant: Davis Elen Advertising (admin@daviselenmedia.com)  Note: This domain is reported as attempting to impersonate the legitimate domain daviselen.com Shares IP with convertro.net and dlopenx.com dlopenx.com is of particular interest, bearing in mind the potential for impersonating legitimate openx domains. ICANN Registrar: BIZCN.COM Created 7 March […]

Read On Comments Off

Reported as being used in malvertizing – adpointroll.com

March 22nd 2012

NOTE: Do not confuse with the legitimate ad.pointroll.com   Bad domain: adpointroll.com ICANN Registrar: BIZCN.COM Created 8 March 2012 IP: 72.8.150.30 Registrant: Pointroll (jacksosomands@statip.net) Note similarity to registrant email of best-serving.com mentioned here. Shares IP with 515 domains.

Read On Comments Off

Reported as being used in malvertizing – cpmstatalpha.com

March 22nd 2012

cpmstatalpha.com ICANN Registrar: TODAYNIC.COM Created 9 March 2012 IP: 85.93.18.202 Registrant: Michael P Eaton (michaelpeatonin@gmail.com)   Shares IP with best-serving.com ICANN Registrar: BIZCN.COM Created 14 March 2012 Registrant: Best Serving, Hazel Cooper (jacksosomands@gmail.com)

Read On Comments Off