The ongoing abuse of AS10929; NETELLIGENT Hosting Services Inc. for scareware distribution purposes is peaking once again, which combined with the well-proven traffic acquisition tactics the campaigners take advantage of, prompts me to proactively undermine the effectiveness of the campaigns by ruining the monetization factor.
Next to listing the scareware domains currently in circulation, in part twenty one of the Diverse Portfolio of Fake Security Software series, it's time we put the spotlight on the so called payment processors mainted by phony in-house operations.
The following scareware domains are parked exclusively within AS10929; NETELLIGENT Hosting Services Inc's network, 209.44.126.102 in particular :
fanscan4 .com 209.44.126.102 Email: brmargul@gmail.com
rayscan4 .com Email: brmargul@gmail.com
scantop4 .com Email: ansouthe@gmail.com
scanlist6 .com Email: metamant@gmail.com
goscanfine .com Email: chirelqas@gmail.com
goscanone .com Email: canrcnad@gmail.com
scan4note .com Email: ansouthe@gmail.com
in4ck .com Email: taboussybr@gmail.com
goscanwork .com Email: govemati@gmail.com
in4tk .com Email: skeltonrw@gmail.com
goscanatom .com Email: gleyersth@gmail.com
top4scan .com Email: ansouthe@gmail.com
slot6scan .com Email: metamant@gmail.com
gometascan .com Email: ricboin@gmail.com
gopagescan .com Email: tanehen@gmail.com
gofinescan .com Email: alcnafuch@gmail.com
goelitescan .com Email: funully@gmail.com
gorankscan .com Email: canrcnad@gmail.com
goworkscan .com Email: govemati@gmail.com
gogoalscan .com Email: chinrfi@gmail.com
gogenscan .com Email: tanehen@gmail.com
goautoscan .com Email: tanehen@gmail.com
goflexscan .com Email: alcnafuch@gmail.com
goscanauto .com Email: canrcnad@gmail.com
scan6slot .com Emaik: telerdomb@gmail.com
in4st .com Email: skeltonrw@gmail.com
scan6list .com Email: telerdomb@gmail.com
goscanflex .com Email: chirelqas@gmail.com
goscankey .com Email: ricboin@gmail.com
scanmeta4 .info Email: sitintu@gmail.com
scannote4 .info Email: sitintu@gmail.com
metascan4 .info Email: finewnrk@gmail.com
zonescan4 .info Email: mexnacc@gmail.com
notescan4 .info Email: finewnrk@gmail.com
miniscan4 .info Email: finewnrk@gmail.com
rankscan4 .info Email: mexnacc@gmail.com
atomscan4 .info Email: finewnrk@gmail.com
fanscan4 .info Email: finewnrk@gmail.com
genscan4 .info Email: finewnrk@gmail.com
autoscan4 .info Email: sitintu@gmail.com
topscan4 .info Email: finewnrk@gmail.com
starscan4 .info Email: finewnrk@gmail.com
fixscan4 .info Email: sitintu@gmail.com
mixscan4 .info Email: finewnrk@gmail.com
luxscan4 .info Email: finewnrk@gmail.com
rayscan4 .info Email: finewnrk@gmail.com
keyscan4 .info Email: sitintu@gmail.com
scangen4 .info Email: sitintu@gmail.com
scanauto4 .info Email: mexnacc@gmail.com
scantop4 .info Email: finewnrk@gmail.com
scanflex4 .info Email: mexnacc@gmail.com
scan4meta .info Email: finewnrk@gmail.com
scan6meta .info Email: donboset@gmail.com
scan4fine .info Email: mexnacc@gmail.com
meta4scan .info Email: finewnrk@gmail.com
note4scan .info Email: finewnrk@gmail.com
gen4scan .info Email: finewnrk@gmail.com
flex4scan .info Email: mexnacc@gmail.com
fix4scan .info Email: sitintu@gmail.com
key4scan .info Email: mexnacc@gmail.com
meta6scan .info Email: donboset@gmail.com
note6scan .info Email: donboset@gmail.com
scan4gen .info Email: finewnrk@gmail.com
scan6gen .info Email: donboset@gmail.com
scan4auto .info Email: sitintu@gmail.com
scan4top .info Email: finewnrk@gmail.com
scan4fix .info Email: sitintu@gmail.com
scan4key .info Email: sitintu@gmail.com
fine4scan .info Email: beelriel@gmail.com
scanmega4 .info Email: bnntnkmn@gmail.com
zonescan4 .info Email: mexnacc@gmail.com
rankscan4 .info Email: mexnacc@gmail.com
scanauto4 .info Email: mexnacc@gmail.com
scan4fine .info Email: mexnacc@gmail.com
way4scan .info Email: bnntnkmn@gmail.com
key4scan .info Email: mexnacc@gmail.com
scan4fan .info Email: myscarbe@gmail.com
Exceptions out of AS10929; NETELLIGENT Hosting Services Inc.:
ia-pro .com - 194.165.4.41; 200.63.45.224; 209.44.126.104; 200.63.45.224 Email: abuse@domaincp.net.cn
generalantivirus .com Email: compalso@gmail.com
genpayment .com Email: seeingrud@gmail.com
livestopbadware .com Email: producergrom@gmail.com
av-payment .com Email: abuse@domaincp.net.cn
antimalware-live-scanv3 .com - 38.99.170.9; 78.47.91.153; 83.133.115.9; 89.47.237.52;91.212.65.125; Email: immigration.beijing@footer.cn
antivirus-scanner-v1 .com Email: tareen@yahoo.com
proantivirusscannerv2 .com Email: ecindia@hotmail.com
Who's processing the payments made by the scammed customers? These are the major payment processors of scareware software that have been changing aliases for a while now, with Pandora Software being the most persistent one:
easybillhere .com - 200.63.45.221; Email: myerysin@gmail.com
secure.softwaresecuredbilling .com - 209.8.45.122; Viktor Temchenko Email: TemchenkoViktor@googlemail.com
secure.propayments .org - 78.46.152.8; Oleg Bajenov Email: oleg.bajenov@gmail.com
secure.soft-transaction .com - 77.91.228.155; Riabokon, Igor; rw6rr69n7z2@networksolutionsprivateregistration.com
secure-plus-payments .com - 209.8.25.204; John Sparck; Email: sparck000@mail.com
secure.pnm-software .com - 209.8.45.124; Live Internet Marketing Limited; pnm-software.com@liveinternetmarketingltd.com
secure.thepaymentonline .com Email: Sergey Ryabov director@climbing-games.com
What is Pandoware Software, and who's behind Pandora Software (pandora-software .com; pandora-software .info; pandoraxxl .com - 209.8.45.121; Live Internet Marketing Limited; Email: pandoraxxl.com@liveinternetmarketingltd.com)?
Continued @ DDanchev Blog
Login
Register
FAQ
Search
Members
