Spyware Sucks
“There is no magic fairy dust protecting Macs" – Dai Zovi, author of “The Mac Hacker’s Handbook"

This is too easy…..

January 24th 2008 in Uncategorized

IP 83.149.75.50 detected as subscribing one of my email addresses to a mailing list without permission.


Reduce it down to 83.149.75… do a Google search.. and what do we find?   Connections with malware…. “malwarewipe.com”????


http://board.protecus.de/t25767.htm


“http://malwarewipe.com/images/blue-gray-stripe.gif – deleted
http://83.149.75.51/count/l.php?pl=Win32&ce=true&id=rrd – deleted
http://www.surveyswages.com/img/laptop9.gif – deleted


http://dl.web-nexus.net/exclurls.php


“83.149.75.” is a blocked IP.


Coincidence? 


What’s cool is that I have only scratched the surface so far….. I have a mild interest in what’s going on … along the lines of “let’s check this out just in case there’s something newsworthy” but let’s be honest… who gives two hoots about being subscribed to mailing lists… so many people have tried the “let’s subscribe somebody we don’t like to lots and lots of mailing lists” trick that it’s a boring topic.


Let’s see what happens over the next few days. Who knows, *they* may do something else mildly interesting, or something really dumb that we can giggle at, otherwise, I won’t bore you with the details.


 


One comment to...
“This is too easy…..”

Barry

Hilarious. I mean, if we were living in a world where we didn’t already get dozens or hundreds of spam e-mails every day, and where we didn’t already filter those e-mails directly to the round file, maybe this kind of thing would amount to more than a drop in the bucket. But as it stands, I’m sure your e-mail address, like mine, is on zillions of spam lists already, and filtering the e-mails from a few mailing lists is trivial by comparison.

The good news is that you can be proud that you’re getting under someone’s skin enough for them to try a childish prank like that. 🙂


Keep ’em coming friend.  *Everything* is traceable eventually.

83.149.75.50 = LeaseWeb AS Amsterdam, Netherlands…. why am I not surprised?  The Netherlands has popped up several times in my recent articles about malware domains….

Previous Entry

The malware domains we have been featuring have moved on again – they are no longer hosted by Denit Internet Services, Amsterdam.
But it looks, this time, like the bad guys need a break from moving to host to host to host [H]
akamahi.net (190.15.64.185) (securehost.com)newbieadguide.com (190.15.64.188) (securehost.com)thetechnorati.com (190.15.64.191) (securehost.com)vozemiliogaranon.com (190.15.64.192) (securehost.com)
Now remember, there is a slew […]

Next Entry

Archives