SecurityRatty: tag: ukrtelegroup

Lazy Summer Days at UkrTeleGroup Ltd

2008-07-22 07:12:02 by Dancho Danchev in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge

...UkrTeleGroup Ltd ( 85.255.112.0-85.255.127.255 UkrTeleGroup UkrTeleGroup Ltd. 27595 ASN ATRIVO ), a personal favorite due to its historical connection with the Russian Business Network, and hosting provider for a countless of number of injected and malware embedded campaigns during the last two years, is still keeping it as lazy as possible,...

Tags: ukrtelegroup, codecs, fake codecs simultaneously, rogue security software, ukrtelegroup ukrtelegroup, fake codecs, home, home stat, scammy ecosystem

Geolocating Malicious ISPs

2008-02-18 00:25:38 by HASH0x8af87d8 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge

...Ukrtelegroup Ltd 85.255.112.0 - 85.255.127.255 UkrTeleGroup Ltd Mechnikova 58/5 65029 Odessa UKRAINE phone: +380487311011 fax-no: +380487502499 Turkey Abdallah Internet Hizmetleri TurkTelekom 88.255.0.0/16 - 88.255.0.0/17 Hong Kong Hostfresh 58.65.232.0 - 58.65.239.255 Hong Kong Hostfresh No. 500, Post Office Tuen Mun, N.T Hong Kong...

Tags: malicious, hong kong, hong kong hostfresh, malicious ecosystems, high-profile malware, malicious activities, rbn, media malware gang, actual operational department

Fake PestPatrol Security Software

2008-05-20 11:30:00 by Dancho Danchev in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge

...Ukrtelegroup Ltd ( 85.255.112.0-85.255.127.255 UkrTeleGroup UkrTeleGroup Ltd. 27595 ASN ATRIVO ), just like the majority of sites assessed in previous posts Where's the malware at pest-patrol.com ? In one of these anecdotal cases, the way the people behind these rogue sites use the same template over and over again, and consequently forget...

Tags: ukrtelegroup, sites, ukrtelegroup ukrtelegroup, rogue sites, pest-patrol, fake pestpatrol site, mail server, previous posts, asn atrivo

Statistics from a Malware Embedded Attack

2008-02-13 17:01:04 by HASH0x8bf8c1c in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge

...UkrTeleGroup Ltd as well as Atrivo. For yet another time they didn't bother taking care of their directory permissions. Knowing the number of unique visits that were redirected to the malware embedded host, the browsers and OSs they were using in a combination with confirming the malware kit used could result in a rather accurate number of...

Tags: malware, malware kit, hosts, malicious hosts, sample malware, infrastructure, vertuslkj, operational intelligence approach, statistics

Embedded Malware at Bloggies Awards Site

2008-03-12 18:36:48 by HASH0x8b6b2fc in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge

...Ukrtelegroup Ltd, and Turkey Abdallah Internet Hizmetleri , to surprisingly end up to the New Media Malware Gang original IP, futher confirming the existence of what's now a diverse ecosystem The same timely malware embedded attack happened at the top of the Annual Weblog Awards site - The Bloggies as TrendMicro assessed on Monday The Web...

Tags: malware, timely malware, event based malware, site, malware screenshot, icepack, descriptive icepack host, info, bloggies

Blackhat SEO Redirects to Malware and Rogue Software

2008-06-05 07:59:47 by Dancho Danchev in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge

...UkrTeleGroup Ltd's network - could it get even more interesting? Of course, as the current state of Zlob malware serving tactics can be seperated in two distinct groups, those abusing the "sort of" zero day Flash exploit , as the currently active SQL injection attacks are all taking advantage of it, and those still relying on plain simple...

Tags: sites, profile sites, multimedia sites, codec sites, zlob variants, zlob, zlob malware variants, rogue codec sites, domains

The Malicious ISPs You Rarely See in Any Report

2008-06-30 09:31:08 by Dancho Danchev in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge

...Ukrtelegroup Ltd, Turkey Abdallah Internet Hizmetleri, and Hostfresh . Ignoring for a second the fact that the "the whole is greater than the sum of it's parts", in this case, the parts represent RBN's split network. Since it's becoming increasingly common for any of these ISPs to provide standard abuse replies and make it look like there's a...

Tags: malicious, malicious isps, isps, report, malicious doorways continue, infrastructure, malicious infrastructure, malicious domain, malware command

Summarizing June's Threatscape

2008-07-01 07:05:01 by Dancho Danchev in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge

...UkrTeleGroup Ltd's network 04. Using Market Forces to Disrupt Botnets - With the current oversupply of malware infected hosts, and botnet masters embracing the services model for anything malicious, in this post I discussed the radical security approach of puchasing already infected malware hosts on a per country basis, disinfecting...

Tags: site, fake youtube site, web site defacements, malware, malware hosts, web site defacer, sites, vulnerable sites, malicious

Summarizing July's Threatscape

2008-08-01 16:08:24 by Dancho Danchev in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge

...UkrTeleGroup Ltd Taking a random snapshot of the current malicious activity at a well known provider of hosting services for rogue security applications, live exploit URLs and botnet command&control locations, always provides an insight into what are their customers up to. In this case, centralization of their scammy ecosystem, and parking a...

Tags: malware, profitable malware operations, malware authors, malware tools, malware coder, malware kit, malware infection, neosploit malware kit, spam

Your name:
Your email:
Describe a problem:
AntiSPAM Validation:

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo