hpHosts: Updated July 31st

Sorry for the delay in publishing this folks.hpHOSTS - UPDATED July 31st, 2010The hpHOSTS Hosts file has been updated. There is now a total of 124,414 listed hostsnames.If you are NOT using the installer, please read the included Readme.txt file for installation instructions. Enjoy!Latest Updated: 31/07/2010 13:18Last Verified: 31/07/2010 15:00Download hpHosts now!http://hosts-file.net/?s=Download

Read More

Crimeware friendly ISPs: AS49544 INTERACTIVE3D-AS

Whilst I'm waiting for the test machine to process results regarding trojans in MessengerPlus (more on that when the test machine has finished with the results), I thought we'd do another Crimeware friendly article. This time, it's Interactive3D.Interactive3D have connections to various nefarious networks, such as root eSolutions (aka root SA), ServerBoost and KABELFOON, but one of their

Read More

PegasHosting: Where are they now?

I thought I'd check on where the domains previously housed on the now null-routed PegasHosting range, had moved to, if anywhere. The results speak for themselves; DOMAIN IP PTR ASN4aclepsa.com178.162.135.81178-162-135-81.no.name28753 178.162.128.0/17 NETDIRECT AS NETDIRECT Frankfurt, DEadjustedresults.com178.162.135.115178-162-135-115.pegashosting.com28753 178.162.128.0/17 NETDIRECT AS NETDIRECT

Read More

Pinball Publisher Corp: Hotbar.com deceptive installation.. again

Hotbar.com probably needs no introduction as an unpleasant piece of Slimeware, picked up from the ruins of Zango by a Washington State company calling itself Pinball Corporation. Traditionally, companies like Zango and Pinball work on a pay-per-install basis for their software, and recruit affiliates to get the software installed on end user's machines. Anyone who deals with affiliate marketing

Read More

Alert: geekstogo.com serving exploit

Just a note folks, geekstogo.com has been compromised again, and is currently serving malicious code, via;hxxp://www.geekstogo.com/blog/wp-includes/js/scriptaculous/effects.js?ver=1.8.3I've tried calling geekstogo.com but they rejected my call because my number is ex directory, and the host (SoftLayer) wasn't any help.The exploit itself is loaded from a Hanaro hosted IP address (219.255.13.77),

Read More

Fake AV, Fake Support

If you’re a corporate customer and you’ve ever had issues with mass malware infection or a critical false positive, you will have thought about support issues, of course, and larger sites might have a carefully negotiated, tailored contract in place to cover potential problems. For home users it’s a bit different, and many consumers prefer a free product with no support to a for-fee product that

Read More

How do you work?

Q. How do you know when it's time to re-evaluate the way you work and the way you store data?A. When it takes over 24 hours just to import the old Outlook PST fileBefore you look at me all confused. I've been working with a Toshiba Satellite L300 for well over a year or so now, and sadly, it's mouse button has broke, and it's become as unstable as hell. Yes, I could've just wiped Windows and

Read More

HostExploit presents the Q2 2010 Top 50 Bad Internet Hosts & Networks Cybercrime Report

At rank #1 of the ‘Top 50 Bad Hosts’, Demand Media/eNom (USA) earns the label of ‘worst host’ from security analysts HostExploit taking over the top spot from Ecatel (Netherlands). A detailed analysis shows high levels of Internet ‘badness’ and cybercriminal activity hosted by Demand Media/eNom in their role as an Internet Service Provider (ISP). HostExploit is pleased to present the Q2 2010

Read More

hpHOSTS - Updated July 14th, 2010

hpHOSTS - Updated July 14th, 2010The hpHOSTS Hosts file has been updated. There is now a total of 124,502 listed hostsnames.If you are NOT using the installer, please read the included Readme.txt file for installation instructions. Enjoy! :)Latest Updated: 14/07/2010 20:00Last Verified: 14/07/2010 21:00Download hpHosts now!http://hosts-file.net/?s=Download

Read More

PegasHosting range null-routed

After seeing an article by Conrad over at dynamoo.com, I decided to get in touch with my contact at NetDirekt (cheers Frank!), and am happy to report, PegasHosting have now had one of their ranges null-routed.http://blog.dynamoo.com/2010/07/evil-network-pegashosting-network.htmlPegasHosting (178.162.135.0 - 178.162.135.255), an "ISP" based out of the Ukraine, have had a history of being 100%

Read More

Scam Alert: fadebook.info

I came across a rather intruiging domain whilst investigating a case - fadebook.info.The domain obviously set off alarms due to the obvious similarity to fadebook.info, and when deciding to look at it, wasn't expecting very much, just the usual phish if anything. However, upon closer inspection, it surprised me a little - it wasn't a facebook phish at all - it was something else.When first

Read More

Paragon Giveaway: Backup, Backup, Backup!

Many of us beat the backup drum quite frequently, in the hopes that others will listen, and begin backing up their systems, websites and whatnot, so they've got something to fall back on, should disaster strike.I was given keys for a couple of Paragon applications a few months ago, so I could evaluate them, and am still in the process of doing that, but in the meantime, Paragon have announced

Read More

Scam Alert: theconsumerherald.com

Following in the footsteps of the lot I previously mentioned, we have theconsumerherald.com, which lives at;IP: 173.204.4.210IP PTR: yellowhammermg.comASN: 26228 173.204.0.0/17 SERVEPATH - ServePath, LLC.This lovely little fellow was found whilst checking up on darkprofits.com. Loading the site, I was pleasantly surprised to find it was now parked - but as with most parking servers, there was a

Read More