New fraudware

“Copyright violation: copyright content detected
Windows has detected that you are using content that was downloaded in violation of the copyright of its respective owners. Please read the following bulletin and try solving the problem in one of the recommended ways.
What has happened?
During the system scan Antipiracy foundation scanner has detected copyright issues. Please take a look at the list and choose an action: pass the case to a court or settle it in pre-trial order by paying a fine.”

Nice, yes? I received a copy of the alert from an associate who wanted to know if I’d seen it before.

Of course, you get the chance to pay $400 or so to make it all go away (and hand over your name, address and full credit card details):

image
Screenshot credit: http://torrentfreak.com/malware-extort-cash-from-bittorrent-users-100411/

Don’t want to pay the $399.85 and prefer to go to Court? Then you see this:

image
Screenshot credit: http://torrentfreak.com/malware-extort-cash-from-bittorrent-users-100411/

So, who are ICPP Foundation? Well, they claim to be “a law firm which specialises in assisting intellectual property rights holders exploit and enforce their rights globally”, but who are they *really*?

icpp-online.com
ICANN Registrar: ENOM, INC
Created: 24 February 2010

IP: 193.33.114.77 - Karnten - Klagenfurt - Anexia Internetdienstleistungs Gmbh

Shares IP with green-stat.com and media-magnats.com

Registrant:
Overns Ltd
Shoen Overns (ovenersbox@yahoo.com)

ovenersbox@yahoo.com - associated with use of the Liberty Exploit Kit:
http://www.malwaredomainlist.com/mdl.php?search=ovenersbox@yahoo.com&colsearch=All&quantity=50

*****

green-stat.com
ICANN Registrar: BIZCN.COM
Created: 27 January 2010

Registrant:
ChanSu (tahli@yahoo.com)

*****

media-magnats.com
ICANN Registrar: BIZCN.COM
Created: 27 January 2010

Registrant:
ChanSu (tahli@yahoo.com)

tahli@yahoo.com is associated with some pretty bad stuff:
http://ddanchev.blogspot.com/2009/12/koobface-gang-wishes-industry-happy.html

Various trojans and exploits:
http://www.malwaredomainlist.com/mdl.php?search=tahli@yahoo.com&colsearch=All&quantity=50
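
The pivots used above (shared hosting IP, registrant e-mail, registrar plus creation date) can be scored pairwise to show which links are strong and which rest on the IP alone. This is an added example, not part of the original post; the weights and function names are assumptions.

```python
from collections import defaultdict
from itertools import combinations

# Transcribed from the post; the BIZCN domains' IP comes from its "Shares IP with" line.
RECORDS = [
    {"domain": "icpp-online.com", "registrar": "ENOM, INC",
     "created": "2010-02-24", "email": "ovenersbox@yahoo.com", "ip": "193.33.114.77"},
    {"domain": "green-stat.com", "registrar": "BIZCN.COM",
     "created": "2010-01-27", "email": "tahli@yahoo.com", "ip": "193.33.114.77"},
    {"domain": "media-magnats.com", "registrar": "BIZCN.COM",
     "created": "2010-01-27", "email": "tahli@yahoo.com", "ip": "193.33.114.77"},
]

# Assumed weights: registrant e-mail is a strong tie, an IP alone is weak (shared hosting).
WEIGHTS = {"email": 3, "ip": 1, "registrar+created": 1}

def shared_pivots(a, b):
    """Return the attributes two records have in common."""
    pivots = [k for k in ("email", "ip") if a[k] and a[k] == b[k]]
    if (a["registrar"], a["created"]) == (b["registrar"], b["created"]):
        pivots.append("registrar+created")
    return pivots

def link_table(records):
    """Map each linked domain pair to (score, pivots), strongest first."""
    links = {}
    for a, b in combinations(records, 2):
        pivots = shared_pivots(a, b)
        if pivots:
            links[(a["domain"], b["domain"])] = (sum(WEIGHTS[p] for p in pivots), pivots)
    return dict(sorted(links.items(), key=lambda kv: -kv[1][0]))

def clusters(records, min_score=1):
    """Union domains whose link score meets min_score; return sorted groups."""
    parent = {r["domain"]: r["domain"] for r in records}
    def find(x):
        while parent[x] != x:
            x = parent[x]
        return x
    for (a, b), (score, _) in link_table(records).items():
        if score >= min_score:
            parent[find(a)] = find(b)
    groups = defaultdict(list)
    for d in parent:
        groups[find(d)].append(d)
    return sorted(sorted(g) for g in groups.values())

if __name__ == "__main__":
    print(link_table(RECORDS), clusters(RECORDS, min_score=3))
```

At `min_score=1` all three domains fall into one cluster; at `min_score=3` icpp-online.com separates, because its only tie to the other two is the shared IP.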

Published Mon, Apr 12 2010 15:28 by sandi