This site was registered yesterday.
Lots of spam mails were sent from infected PCs. With Wireshark I was able to see the content of the mails on one of the infected PCs.
Links and images were linking to hjataheg.cn.
The only differences between the mails were:
> The subject,
> The subdomains of the links and images
> The Company name below the message
> And -of course- the email addresses.
Please rate this site as VERY BAD!!
Done
Thu 02 Jul 2009 12:40:19 UTC — cconniejean
Rated and commented. I also came across this:
'http://rss.uribl.com/ns/wantdrool_ru.html'. I am not making the link to uribl.com live, because their links are live to these domains.
re: hjataheg.cn
Fri 03 Jul 2009 09:21:11 UTC — g7w
hjataheg.cn created: 2009-07-01
redirects to: medsmartsafety.com created: 2009-07-02
There's more: they either redirect to medsmartsafety.com or are independent websites. All are FAKE Meds sites phishing for PII.
the list, rate RED
-------
Against Intuition - gives us safety through Web of Trust.
WOT Community - gives us security through unity.
Thank you all
G7W {G.O.M}
http://g7w.net/
Thanks g7w!
Fri 03 Jul 2009 11:26:11 UTC — shazza
All rated & commented!
All rated and commented.
Fri 03 Jul 2009 12:09:10 UTC — cconniejean
All rated and commented.
A few more eating dirt!
Fri 03 Jul 2009 13:23:50 UTC — cotojo
Rated and commented :-)
Colin
http://freepcsecurity.co.uk
"If you have knowledge, let others light their candles with it" - Winston Churchill
Done
Fri 03 Jul 2009 18:23:29 UTC — phantazm
Rated commented...
Thanks.
Fri 03 Jul 2009 20:36:06 UTC — Athlonite
Rated and commented.
Athlonite.
Your help is always needed.
Done 2
Fri 03 Jul 2009 22:47:57 UTC — Xp54321
Rated and commented.
Thanks.
:-)