2006-06-23

'Digital Infinity Ltd' -- Moscow, RU

A week ago, they harvested my addresses four times on four consecutive days. They then proceeded to attempt to send mail to these ~100 unique addresses around 3000 [update 7/1: 5000] times.

This is a commercial organisation, hosted in the US, registered in Moscow.

The harvesting IPs are all in this small, 14 host netblock:

$ whois NET-208-66-195-0-1

OrgName: Digital Infinity Ltd
OrgID: DIL-32
Address: Ostrovityanova str, 14, 200
City: Moscow
Country: RU

NetRange: 208.66.195.0 - 208.66.195.15
CIDR: 208.66.195.0/28
NetName: DIGITALINFINITY
NetHandle: NET-208-66-195-0-1
Parent: NET-208-66-192-0-1
NetType: Reassigned
RegDate: 2006-05-31
Updated: 2006-05-31

RAbuseHandle: SUPPO189-ARIN
RAbuseName: Support
RAbusePhone: +7 (495) 980-6635
RAbuseEmail: noc@digitalinfinity.org

However, the addresses they're sending from are trojaned home and/or office computers, or their ISP's mail exchangers. I recorded over a thousand unique hosts so far.

0 Comments:

Post a Comment

Links to this post:

Create a Link

<< Home