Friday, 3 October 2008
It would seem Directi wasn't really being serious when they said they were clamping down on just what their customers were doing, because our friend cr4nk now has a new domain (as of September 23rd) - cr4nk.us.
Even worse here, is Directi using ITWeb Domain Protection - a "company" known ONLY for it's association with scammy/malicious domains. I've not come across a single legit domain that's associated with them, and as noted above, they don't seem to have their own website, opting instead, to provide a hushmail.com contact address. Further to this, ITWeb Domain Protection list their location as Panama (more here), a country that's become a favourite amongst organized criminals online (e.g. Est Domains and the RBN), but interestingly, earlier this year, according to an arbitration, they listed themselves as being in India.
See Google for a ton of people complaining about ITWeb Domain Protection;
And who is providing the hosting for this domain? HostFresh of course - same as last time.
I have sent Directi an e-mail asking why they've allowed cr4nk to register a new domain with them, given their known history (and still ongoing) of trying to exploit web servers via RFI (Remote File Injection) and DCI (Direct Code Injection), and will let you know if/when I receive a response (I'm not hopeful).
Other domains on this IP block include;
hpHosts - cr4nk.us
cr4nk.ws again - another Directi, LogicBoxes, LiquidWeb exploit gang
cr4nk.ws has moved to Hostfresh
cr4nk.ws has gone!
cr4nk responds - OH NOEZ!
Skiddie responds ..... again - cr4nk says thanks?
Posted by MysteryFCM at 14:01