Dynamoo's Blog
Malware, spam, scams and random stuff, by Conrad Longmore.
Showing posts with label
UK2.NET
.
Show all posts
Showing posts with label
UK2.NET
.
Show all posts
Thursday 11 July 2013
Malware sites to block 11/7/13
›
I noticed 188.138.89.106 (Intergenia AG, Germany) was the originating IP being used in this spam run using a hijacked 1&1 account, a...
"WTX Media INC" spam / dajizzum.com
›
This fake invoice spam from the nonexistant "WTX Media" leads to a malware landing page on dajizzum.com : From: Rebecca Media...
Tuesday 22 January 2013
Something evil on 109.123.66.30
›
109.123.66.30 (UK2.NET, UK) hosts several domains containing the Blackhole Exploit Kit ( example here ). The domains in user are (mostly)...
1 comment:
Monday 16 April 2012
"You've just ordered pizza from our site" / uiwewsecondary.ru
›
We haven't seen this "pizza spam" (or spam pizza?) for a while. Rest assured, it leads to malware on uiwewsecondary.ru : D...
1 comment:
Thursday 12 April 2012
Federal Reserve Wire Network spam / vanishingmasers.ru
›
This spam leads to malware on vanishingmasers.ru : Date : Thu, 12 Apr 2012 15:14:41 -0300 From : "Lidia Polk" [uzb...
Wednesday 22 February 2012
Contract spam / cpojkjfhotzpod.ru
›
Another spam run (will they ever end?) this time with a malicious .htm attachment that tries to download from cpojkjfhotzpod.ru . Here are...
Thursday 19 January 2012
Wire transfer malicious spam / monikabestolucci.ru:8801 and 78.159.118.226
›
More malicious spam doing the rounds, but this time it's more complicated than before. From: accounting@victimdomain.com [mailto:ac...
›
Home
View web version