[nsp-sec] enom security POC?
Chris Morrow
morrowc at ops-netman.net
Mon Oct 27 17:32:45 EDT 2008
looks like enom is being phished :(
<snip spam content>
For access your account follow this link - http://www.enom.com.sys82.net
</snip spam content>
something about 'we are doing maintenence...' spam sample available upon
request.
-Chris
(note that the sys82.net domain is owned by:
Administrator:
Name-- Shestakov Yuriy
EMail-: (alexeyvas at safe-mail.net)
tel --: +7.9218839910
org: Shestakov Yuriy
Lenina 21 16
Mirniy,MSK,RU 102422
Domain Name:sys82.net
Record last updated at 2008-10-25 23:13:18
Record created on 2008/10/25
Record expired on 2009/10/25
with NS hosts:
ns1.kolberacn.com ns2.kolberacn.com
or hosts:
Name Server: NS1.KOLBERACN.COM
Name Server: NS2.KOLBERACN.COM
Name Server: NS3.KOLBERACN.COM
Name Server: NS4.KOLBERACN.COM
Name Server: NS5.KOLBERACN.COM
209.60.226.164 - Mediaworks - Riverbend (via paetec)
70.112.103.237 - roadrunner host?
other hosts are also broadband-ish things...
More information about the nsp-security
mailing list