Posts Tagged ‘spamhaus’
Romania is a country that many Internet security researchers and various law enforcement agencies equate with cybercrime and have probably had that mind for quite a while now. Even some casual readers of spam news know about Romania’s bad reputation online. The good news is over the years more and more people directly involved cybercrime […]
Filed under: 419, blacklist, blocklist, cybercrime, malware, phishing, registrars, rogue networks, scareware, spam, trojan, virus | Leave a Comment
Tags: .RO, 2010, 419, advance fee fraud, AFF, AS31571, AS38913, AS6663, Bucharest, CIA Factbook, cybercrime, DDICOT, DICCOT, Eastern Bloc, Eastern Europe, European Union, euroweb.ro, FBI, fraud, IRC, isp, malware, McAfee, NATO, phishers, phishing, powerhost.ro, Romania, Romanian, Romanian Government, Romanians, ROTLD, scams, Soviet Union, spam, spamhaus, spamming, US, USSR, Warsaw Pact
According to Spamhaus Top 10 Network offenders on its Spamhaus Block List Advisory, an ISP called AS3352 TELEFONICA-DATA-ESPANA has the most SBLs on Spamhaus list as of January 17th, 2010. Based on Spamhaus‘ research, this ISP is considered the current “World’s Worst Network.” At time of this post, there are 95 SBLs belonging to Telefonica.es. […]
Filed under: blacklist, blocklist, cybercrime, malware, phishing, rogue networks, spam | 3 Comments
Tags: Argentina, AS16276, AS22185, AS2828, AS3257, AS3352, blacklist, blocklist, blocklisting, Colombia, Fabio Petta - Jnternet, France, network, OVH.net, RBL, rogue networks, ROKSO, SBL, Spain, spam, spamhaus, spamming, Telefonica, telefonica.com.ar, telefonica.es, tiscali.it, USA, xo.com
Since around August 2009 or so, French provider OVH.net (AS16276) has been the top offender by current SBLs on Spamhaus. Here is a screenshot of that list on Spamhaus as of December 5th, 2009. Also, note. The list below as of 12/5/09. 1. ovh.net AS16276 = 77 SBLs 2. telefonica.es AS3352 = 59 SBLs 3. […]
Filed under: blacklist, blocklist, phishing, rogue networks, spam | Leave a Comment
Tags: AS16276, AS2828, AS3257, AS46562, AS7315, block list, blocklist, mzima.net, rogue network, SBL, spam, spamblock, spamhaus, spamming, telefonica.es, tiscali.it, xo.com
On September 6th, 2009, Spamhaus blocked a /16 which is 65,536 IPs (1 Class B) on its SBL. This listing is filed under SBL68517. The IP range that is being blocked is 132.240.0.0/16. One can view the ASN information of 132.240.0.0 at robtex. According to robtex, the upstream for this range is AS3257 which is […]
Filed under: blocklist, cybercrime, malware, phishing, registrars, rogue networks, spam, trojan, virus | Leave a Comment
Tags: AfriNIC, APNIC, arin, blacklist, blocklist, CIDR, cogentco, firewalls, hijacked, IP, LACNIC, netblock, Oracle, RIPE, RIR, ROKSO, SBL, spam, spamhaus, XO, zombies
Rogue Latvian ISP is Now Offline
Very recently, Swedish upstream provider, TeliaSonera, threatened cut off its direct connection to Junik (AS8206) JUNIK-RIGA-LV JUNIKNET if Junik.lv did not cut off its own downstream (Real Host) because of its reputation of being rogue (hosting zeus botnets). By Monday August 3rd, 2009, Real Host lost its connectivity. Jart Armin of HostExploit recently tweeted about […]
Filed under: blacklist, blocklist, cybercrime, malware, phishing, registrars, rogue networks, spam, trojan, virus | 1 Comment
Tags: blocklisting, botnet.su, botnets, HostExploit, JUNIK-RIGA-LV, junik.lv, JUNIKNET, Latvia, malware, phishing, RBN, Real host, SBL, spamhaus, zeus, zeustracker
Good news for service provider Tata Communications (AS4755) and Spamhaus and some bad news for Tiscali (now Tinet – AS3257). For approximately a month, the large Indian-based provider, Tata Communications, has been still working on its SBL (Spamhaus Block List) by resolving its listings. This means the administrators at Tata Communications have been ending services […]
Filed under: blacklist, blocklist, cybercrime, rogue networks, spam | Leave a Comment
Tags: AS, AS10429, AS16814, AS3257, AS3786, AS4134, AS4755, AS9979, ASN, Autonomous Systems, Backbone, blacklisting, blocklistings, China Telecom, china-netcom.com, CIDR, cnc-noc.net, cnuninet.com, Covad, email, ESP, Fabio Petta, IP/MPLS, iplan.com.ar, isp, Korea, netblocks, network abuse, OVH, powercomm, ROKSO, SBL, Sergio Livrieri, spamhaus, Spamhaus Block List, spammers, Tata Communications, telefonica.com.br, tinet, tinet.net, Tiscali, TTNET, Verizon, VSNL, zombies
Acai Berry Spam and Yahoo Groups
Yahoo has a big problem with spammers. This abuse of its Yahoo Groups services has been going on for at least since late 2008. Much of this information is already out there for those to read but somewhat scattered, so I am providing links within this blog. The spammers are selling various pharma spam. My […]
Filed under: blacklist, blocklist, cybercrime, malware, registrars, rogue networks, spam, virus | 1 Comment
Tags: .CN domains, acai berry spam, acai spam, AS14779, AS9929, bullet proof hosting, canadian pharmacy, China, easyalaska.com, inboxrevenge, InBoxrevenge.com, McAfee, name server, namerich.cn, pharma spam, prolific spammer, Pure Magnum Pro, RBLs, registrar, rogue networks, ROKSO, site advisor, spam redirects, spamhaus, spammed, spammers, spamming, spamtrackers.eu, spamvertising, UTRIMERSIM.COM, vitalacai, web.tebweb.com, weight-loss spam, Yahoo, Yahoo abuse, Yahoo Groups, Yahoo! Customer Care
ASN stands for Autonomous System Number. AS or ASN followed by a number is used to identify an autonomous system on the internet by people who manage networks on the Internet. One well-known example of an ASN is AT&T whose is ASN7018. Most people who may be network engineers are concerned with ASNs. Also, netizens […]
Filed under: 419, blacklist, blocklist, cybercrime, malware, phishing, rogue networks, spam, virus | Leave a Comment
Tags: /16, /24, /32, anti-spammer, antispam, AS, AS4837, ASN, Autonomous System Number, blacklisting, blocklist, blocklistings, bullet proof hosting, China, China Crisis, CHINA169-BACKBONE, CNCGROUP China169, DDoS, IP, netblocks, network abuse, ping, rogue networks, ROKSO, spam, spamhaus, spammers, tracert, virus, zombies
Update: SORBS was sold to a new owner at an unspecified price. Details at bottom of post: updated 1st August 2009. On Monday, 22 June, it was announced by Michelle Sullivan, owner of SORBS (IP: 203.15.51.39 at ASN2764 AAPT), on the SORBS homepage that she would shut the blacklisting services down by July 21st. Apparently […]
Filed under: blacklist, blocklist, cybercrime, rogue networks, spam | 1 Comment
Tags: Al Iverson, anti spam movement, au.sorbs.net, Australia, BL, blacklist, blocklist, cats and coffee, dnsbl, isp, Ken Magill, mail admins, Matthew Sullivan, Michelle Sullivan, nanae, netblocks, RBL, retaliation, slashdot, SORBS, SORBS shutdown, spam, spam reports, spamhaus, spammed, spammers, sysadmins, unprofessionalism
AS44557 DRAGONARA – Rogue Network
While going through Spamhaus SBLs, I found this updated /23 under RIPE. It would seem that most times when Spamhaus is unsure of the exact ownership of a netblock or the downstream has a small number of IPs assigned to it, the volunteers will place it under the regional registry (RIR). I researched the IP […]
Filed under: blacklist, rogue networks, spam | Leave a Comment
Tags: 194.8.74.0/23, AS44557, blacklisting, blocklisting, Cogent, comment spam, cybercrime, DRAGONARA, dragonara.net, netblock, RIPE, SBL76200, SBLs, spamhaus