Search Results

Wednesday, October 01, 2008 12:00 AM

Movement by Etdomains/Esthosts

No biggie. Before: estdomains.com A 83.171.76.98 - ZAO Petersburg Transit Telecom (PTT), Russia (AS31353) estdomains.com A 94.102.49.3 - Ecatel LTD, Amsterdam (AS29073) estdomains.com NS ans1.esthost.com estdomains.com NS ans2.esthost.com estdomains.com NS temp1.estdomains.com estdomains.com NS ns1.estdomains...
Posted: Wednesday, October 01, 2008 12:00 AM by sandi
Friday, October 24, 2008 12:00 AM

Estdomain Press Release: aka "we're good guys, honest"

Here's the Press Release: http://www.prweb.com/releases/2008/10/prweb1504344.htm An Esthost representative also posted a message to NANOG a while back - as far as I know, there was only one public response: http://www.gossamer-threads.com/lists/nanog/users/109300 Do I believe that Estdomains/Esthost...
Posted: Friday, October 24, 2008 12:00 AM by sandi
Saturday, September 27, 2008 12:00 AM

So, where are Esthosts/Estdomains now that Intercage/Atrivo are in such trouble?

Let's take a look-see at where Intercage/Atrivo's most infamous client, esthosts/estdomains, are situated - using Domaintools, cidr-report.org and bfk-de, and a smattering of Sam Spade 1.14. I'm not using Robtex that much because I get the sense that, sometimes, its data is behind the times...
Posted: Saturday, September 27, 2008 12:00 AM by sandi
Sunday, March 23, 2008 12:00 AM

And another one.... classmates.com has a problem....

Edited on 21 August 2008 to replace deleted graphic... surprisingly, the SWF is still accessible via the original URL, even after all this time. This time the URL is: http://nztv.prod.untd.com/RealMedia/ads/Creatives/ISP/CM_GeminiIntera_FPWS_5_10179/160x600.swf Same malicious SWF: iexplorer-security...
Posted: Sunday, March 23, 2008 12:00 AM by sandi
Wednesday, September 17, 2008 12:00 AM

I sense a phishing storm approaching ...

I'm sure my readers already know about the goings-on affecting Estdomains/Intercage and Atrivo in recent times - suffice to say that the bad guys are being chased from pillar to post and back again, and were at risk of being knocked off the Internet completely. Brian Krebs can claim credit for starting...
Posted: Wednesday, September 17, 2008 12:00 AM by sandi
Friday, March 28, 2008 12:00 AM

Forceup.com are distributing malicious advertisements .. again - an examination of the social engineering behind malvertisements

Today we are going to take a look at social engineering and other tactics used by the fraudsters that push malicious banner advertisements. Heaven knows we have talked enough about what the malicious advertisements actually *do*; now it is time to talk about what the *fraudsters* do... I cannot stress...
Posted: Friday, March 28, 2008 12:00 AM by sandi