Dynamoo's Blog

Malware, spam, scams and random stuff, by Conrad Longmore.

Wednesday, 24 February 2021

Updated 3NT Solutions LLP / inferno.name / V3Servers.net IP ranges (2021 edition)

It's been about a zillion years (well, OK it was 2017) when I last published a list of IPs belonging to 3NT Solutions LLP that you proba...

Tuesday, 24 November 2020

Websites owned by Philip John Sabin and associated companies

Apropos of nothing, all these websites are hosted on 212.230.207.100 to 213.230.207.109 (Netcalibre, UK) and appear to be owned and controll...

Monday, 18 March 2019

"Central Intelligence Agency - Case #79238516" extortion spam

I've seen various extortion spams over the past 12 months or so, but this one has a particularly vicious twist. If you haven't s...

Tuesday, 22 May 2018

Phishing and fraudulent sites hosted on 188.241.58.60 (Qhoster)

Nigerian registrants. Dodgy Eastern European host offering bulletproof and anonymous hosting. Yup, I very much doubt there is anything le...

Thursday, 10 May 2018

Malware spam: "New documents available for download" / service@barclaysdownloads.co.uk / barclaysdownloads.com

This fake Barclays spam seems to lead to the Trickbot banking trojan. From : Barclays [service@barclaysdownloads.co.uk] Date : 10...

Friday, 4 May 2018

"Best porno ever" Necurs spam

This spam (apparently from the Necurs botnet) promises much, but seems not to deliver. From: Susanne@victimdomain.tld [Susanne@victi...

Sunday, 1 April 2018

New Traffic Light Protocol (TLP) levels for 2018

The Traffic Light Protocol should be familiar to anyone working with sensitive data, with levels RED, AMBER, GREEN and WHITE being used to ...

View web version

Powered by Blogger.