Spyware Sucks
“There is no magic fairy dust protecting Macs" – Dai Zovi, author of “The Mac Hacker’s Handbook"

koeppelinteractive.co.uk suspended

December 28th 2008 in Uncategorized

image

Back on 17 December 2008 I wrote about malvertizements being distributed by criminals impersonating the legitimate Koeppel Interactive (the legitimate site being koeppelinteractive.com).

The fake site, koeppelinteractive.co.uk, is now inaccessible; its name servers have been changed to “ns1.suspended-domain.com” and “ns2.suspended-domain.com”.

Koeppelinteractive.com have added an alert to their site warning about the impersonation.

For what its worth, the IP address of the bad domain, 66.197.152.21, has a bad history.  For example:


Comments are closed.

     Adopstools results:http://www.adopstools.net/index.asp?page=quicklink&id=RC567srdR4afU35z   The malicious ad hits two URLs: freegreenstats.com/c/index.php?id=<<snipped>> (79.135.187.95) and statisticsmanager.com/?cmpid=<<snipped>>  (76.74.249.30) cookie dropped for adnetserver.com From statisticsmanager.com we are redirected to: onlinestatsmanager.com/ts/in.cgi?<<snipped>> (76.74.249.9) to: scan.freescanner-proas2009.com/<<snipped>> (78.26.179.130)  <– Directi registered domain The Installer is downloaded from: files.pro-antispyware-dl.com/load/<<snipped>>.exe <— Directi registered domain   […]

Previous Entry

It is all over the popular press – Websense have announced that they have found malicious script on the John Sands web site:http://securitylabs.websense.com/content/Alerts/3268.aspx I can only hope that WebSense, and all of the negative press that their announcement has triggered, will finally get John Sands to clean up their act and fix the problems with […]

Next Entry

Archives