Informative site for the users of cheapestroomslondon.co.uk?

I received this one from webmaster@cheapestroomslondon.co.uk about a couple of weeks ago.
I have altered the spam a tiny little bit, the stuff in brackets is added/changed by me.

Do you have gas?

Then Aker Kvaerner may have some kind of work for you.
I may judge it wrong.
Not sure if only having gas qualifies, but you never know.
You could be the right person for the job.

It's of course a scam.
It seems to originate from 41.206.15.2, in Africa. Maybe a hacked UebiMiau installation.
Went via 200.152.205.3, in Brazil before ending up in one of "my" email boxes.

I would not contact the email address info.akrecruitment01@yahoo.co.uk.
But I fart in the scammers' general direction.

The spam:

--
Aker kvaerner oil and Gas Company 
Human Resource Department

Referrer spam ends up in malware - stars-vs-stars. com

Beware of referrer spam in your weblogs.

At the moment stars-vs-stars. com (hosted on ecatel btw) redirects to http:||olympionik.limewebs. com/xplaymovie.html,
which again redirects to various malware/domains at 69.10.38.27 (trouble-free.net - Michael Lavrik), an infamous IP for hosting malware.
During the last two days, the following domain names have been used:
greatmultimediaservices. com, multimediautilites. com, digitalbluemultimedia. com.
digitalbluemultimedia.com is the active one as I write this.

Poor detection at virustotal.com, 4-8 vendors recognize the malware.

Back online

Just cutting and pasting (and editing slightly) from http://matchent.wordpress.com/2009/12/24/matchent-com-hacked/ .
I'm still not quite sure how they got in.
It has probably more to do with my skills than any holes in Drupal.

A shell (GNY.Shell - findex.php) and a proxy (proxy.php) were uploaded, but where the weakness was (is?) is not known to me.

I would not be very much surprised if this turned out to be a part of the Christmas hacking at evilzone.org.

User "Administrator"? I don't know that guy

So someone succeeded in creating the user "Administrator" on this blog a couple of hours ago.
And I have no idea how. Only a user with admin rights is allowed to create new users.
Giving an email address is a part of the routine when creating a new user. It was not done when creating this user.
Apparently no harm done. The role the user was assigned was not as an administrator, but an ordinary user with almost no rights at all.
Could have tampered with some comments, but did not.

And I still have no clue how this was done.

Came from the IP 72.167.232.86.

Falling behind on my payments?

I wonder about the quality of the Viral Spiral idiots' records:


Our records indicate you may be struggling to make your
mortgage payments, and may be falling behind on your payments.
If your income has dropped or you have another hardship that is
causing you financial difficulty, we may be able to help you get
financial relief from your home loan lender. Complete the form
to get a free financial evaluation to determine if you qualify
for payment relief.  I look forward to working with you

With a link to bratchaeal. com.
