Historical OSINT – Newly Launched Koobface Themed Campaign Spotted in the Wild

Related malicious URLs known to have participated in the campaign:
hxxp://qjcleaner.eu/hitin.php?affid=02979

Once executed a sample malware phones back to a well known command and control server IPs:
hxxp://212.117.160.18 GET /install.php?id=02979

Parked at the same IP where crusade affiliates are were more scareware domains. Meanwhile, the Koobface gang is currently busy typosquatting my name for registering domains (Rancho Ranchev; Pancho Panchev) for instance hxxp://mayernews.com – Email: 1andruh.a1@gmail.com is registered using Danchev Danch.

Leave a Reply

Your email address will not be published. Required fields are marked *

Unit-123.org E-shop Owner Information

Who is Dancho Danchev?

Unit-123.org

Focused on delivering daily batches of personally-produced never-ending supply of high-quality and never-published and released before classified and sensitive Intelligence Deliverables.

Latest Products