I don't think I've ever taken the time to document them before, with the exception of a quick mention of Magrathea last year, so am doing so now, as a thank you for being extremely helpful and extremely quick, to shut down the criminals.
Magrathea Telecom
Magrathea Telecom offer a number of services, the main one that I see abused, is telephone routing. This involves the use of an 070 number (Ref: Personal Numbers), that the scammer then inserts into phishing scams such as the following, received a few minutes ago;
Dear Winner,
The BMW Automobile Company, Congratulate you as one of our Ten(10)Star Prize Winner. You won (£750,000.00 GBP) Seven hundred and fifty thousand Great British Pounds and a new BMW 2009 X6 xDrive 35 Car The BMW (IAP) held on 21 March 2009, in London. Contact him with: Full name/Contact address/Sex/Tel/Occupation/Age/Country.
Mr.Louis Moore,
E-mail:bmwclaimsunit@hotmail.com
Phone: +44 7024019869
Fax ;+44 7005-964-94
Regards
Mrs Kate Williams.
The BMW Automobile Company, Congratulate you as one of our Ten(10)Star Prize Winner. You won (£750,000.00 GBP) Seven hundred and fifty thousand Great British Pounds and a new BMW 2009 X6 xDrive 35 Car The BMW (IAP) held on 21 March 2009, in London. Contact him with: Full name/Contact address/Sex/Tel/Occupation/Age/Country.
Mr.Louis Moore,
E-mail:bmwclaimsunit@hotmail.com
Phone: +44 7024019869
Fax ;+44 7005-964-94
Regards
Mrs Kate Williams.
Magrathea have helped me to shut down a whole slew of these guys, so deserve a huge thanks!
Lycos
Whilst certainly not the quickest to respond, Lycos have been immensley helpful in helping me shut down those abusing their services to infect the unwary and/or to store data stolen by keyloggers.
Though it should be noted, because the stolen data typically includes usernames, passwords, bank details etc and other information, I no longer try and have these shut down. Instead the details are forwarded to law enforcement as the stolen data is useful for them in both gathering evidence, and informing the victims that their data has been stolen.
Dynamic Network Services, Inc. (aka DynDNS)
Alas having a dynamic IP isn't enough to stop a crapware author or scammer. All they need to do is setup a hostname that will redirect to whatever their current IP happens to be. DynDNS is a company that provides such a service.
Thankfully however, DynDNS have also been extremely helpful, and quick to respond, to help shut down these idiots.
The most recent of which, was an IP that was used to host scripts that were then used to attack other services via an RFI attempt. DynDNS had this one shut down within a matter of hours of receiving my report.
Freehostia
Freehostia is a hosting company that provides both free and paid, web hosting. Sadly, free services are all too often abused for malicious purposed. Most companies I've dealt with that provide such, either take their time to take such down, or simply don't bother at all (I'm looking at you Google!). Thankfully the same cannot be said for Freehostia, who have very quickly shut down the accounts of those I've reported.
WordPress
WordPress is a very popular company that provides free hosted blogs. Again, free services are all too often abused as they are usually quick to setup, don't cost anything, and can be re-created in seconds.
WordPress however, have been immensley helpful in shutting down those that are abusing it's services - the same alas, cannot be said for it's competitor (yep, I'm looking at you again Google!)
Microsoft
We all know Microsoft, so I'll save going into their offerings. Some hate them, some love them, others couldn't care either way.
However, millions use their free e-mail services - and this is why they are listed here. When I've come across and reported, compromised Hotmail/Live/MSN accounts, Microsoft have been extremely quick to help get the accounts secured again. If only Yahoo were the same ....
Internet Storm Center (aka ISC)
I would like to extend a special thank you to the ladies and gents at the ISC, who have helped on alot more than one occasion, to either secure compromised e-mail accounts, compromised profiles on social networking sites such as Facebook, and a multitude of other things over the years - you've been great guys!
The above is by no means a complete listing, and my apologies to those companies and individuals that are not listed here (my memory isn't what it used to be), but I'd like to offer all a huge thank you for helping to make the interweb safer.
No comments:
Post a Comment