Following the GazTransitStroy/GazTranZitStroy (gaztranzitstroyinfo.ru; 67.15.253.241) coverage, the gang behind the bogus gas company drilling for insecure PCs across the Web has returned to its roots - St. Petersburg, Russia, with routing services courtesy of PIN-AS Petersburg Internet Network LLC (AS44050) (internet-spb.ru) :
Code:
"descr: Petersburg Internet Network LLC
address: Sedova 80
address: St.-Petersburg, Russia
e-mail: support@internet-spb.ru
phone: +7 812 4483863
fax-no: +7 812 4483863
person: Metluk Nikolay Valeryevich
address: korp. 1a 40 Slavy ave.,
address: St.-Petersburg, Russia
e-mail: nm@internet-spb.ru
phone: +7 812 4483863
fax-no: +7 812 2683113
PIN LLC
Sedova 80
+7 812 4483863
support@internet-spb.ru
Metluk Nikolay Valeryevich
korp. 1a 40 Slavy ave.,
St.-Petersburg, Russia
+7 812 4483863
nm@internet-spb.ru
Ladoha Anton Vladimirovich
korp. 1a 40 Slavy ave.,
St. Petersburg, Russia
+7 812 4483863
admin@internet-spb.ru
Strukov Evgeny Olegovich
korp. 1a 40 Slavy ave.,
St.-Petersburg, Russia
+7 812 4483863
admin2@internet-spb.ru
e.strukov@pinspb.ru
Prefixes 91.212.41.0/24; 95.215.0.0/22; 194.11.16.0/24; 194.11.20.0/23; 195.2.240.0/23"
What's also worth pointing out that is a huge number of of domains operated by GazTransitStroy's customers, and, of course, GazTranzitStroy themselves not only traceroute back to Petersburg Internet Network LLC's network, but also, there's an evident migration to the legitimate NETDIRECT-NET - 89.149.206.0 - 89.149.207.255 - AS2875, as well as to CHINANET-SH CHINANET shanghai province network - 222.64.0.0 - 222.73.255.255.
Continued @ DDanchev Blog
Login
Register
FAQ
Search
Members
