This time we see that he is tweaking the WHOIS for traveltray.com and workhomecenter.com.
To recap, so far he has tweaked mydwnld.info, matchservice.com, supportsvc.com, getfreecar.com and veritylimited.com in recent times:
Details here:http://www.icann.org/en/announcements/announcement-2-29oct08-en.htm “On 28 October 2008, ICANN sent a notice of termination to EstDomains http://www.icann.org/correspondence/burnette-to-tsastsin-28oct08-en.pdf [PDF, 76K]. Based on an Estonian Court record, ICANN has reason to believe that the president of EstDomains, Vladimir Tsastsin, was convicted of credit card fraud, money laundering and document forgery on 6 February 2008. Pursuant to Section […]
Courtesy of Kimberley URLs used to facilitate the hijacking: bannersrotator.com/fx22010/click.phpstl.0ups.com/stl/in.cgi?24& Note that different SWF files are served to the potential victim, depending on the version of Flash being used… I’ll also emphasise that the malicious domain is not associated with the legitimate company Metrixlab at www.metrixlab.com. AND, guess who is the ICANN Registrar…. DIRECTI. […]