The Latest in IT Security

Keeping Money Mule Recruiters on a Short Leash – Part Nine

30
May
2011


The following brief summarizes currently active money mule recruitment web sites, actively recruiting money mules for the processing of fraudulently obtained funds.

Currently active sites residing within AS42708, PORTLANE Network www.portlane.com; AS29713, INTERPLEXINC Interplex LLC; AS38913, Enter-Net-Team-AS; AS24940, HETZNER-AS Hetzner Online:
ATLANTALTD-UK.CC – 193.105.134.233
ATLANTA-LTD-UK.NET – 78.46.105.205 – Email: [email protected]
3ATLANTA-UK.COM – 193.105.134.233
BLITZNET-GROUPINC.CC – 78.46.105.205 – Email: [email protected]
5DALI-STYLE.COM – 98.141.220.117
DALISTYLE-GROUP.CC – 98.141.220.118 – Email: [email protected]
DERWOODE-GROUP.COM – 98.141.220.117
DERWOODE-GROUP.NET – 98.141.220.117
GLACIS-GROUPLLC.COM – 193.105.134.232
1GLACISGROUP-LLC.NET – 193.105.134.233
IT-AMIRA.NET – 86.55.210.3 – Email: [email protected]
ITAMIRA-DE.COM – 86.55.210.6 – Email: [email protected]
ITSERV-DE.CO – 78.46.105.205 – Email: [email protected]
IT-SERVICELTD.BE – 78.46.105.205
KADE-GROUP.COM – 86.55.210.4 – Email: [email protected]
MASTERART-GROUP.COM – 98.141.220.116 – Email: [email protected]
MENDRYLTD.COM – 98.141.220.117 – Email: [email protected]
MENZEL-GROUP.TV – 98.141.220.118 – Email: [email protected]
MITISSANSERVICE-GROUP-LTD.CC – 98.141.220.117 – Email: [email protected]
MITISSANSERVICEGROUP-LTD.COM – 98.141.220.117 – Email: [email protected]
oregonltd-uk.cc – 86.55.210.5 – Email: [email protected]
PARLEN-GROUPLLC.COM – 98.141.220.118 – Email: [email protected]
PARLENGROUPLLC.NET – 98.141.220.114
PARLEN-GROUP-USA.COM – 98.141.220.118
quad-groupuk.cc – 86.55.210.6 – Email: [email protected]
QUAD-GROUPUK.CC – 86.55.210.6 – Email: [email protected]
QUAD-IT-GROUP.COM  – 193.105.134.232 – Email: [email protected]
QUINTAGROUP.CC – 98.141.220.117 – Email: [email protected]
QUINTA-GROUPUS.COM – 98.141.220.118 – Email: [email protected]
QUINTA-LLC.NET – 98.141.220.118 – Email: [email protected]
REXTECHINNOVATION.COM – 98.141.220.118 – Email: [email protected]
REXTECHLTD.CC – 98.141.220.115 – Email: [email protected]
REXTECHLTD-US.COM – 98.141.220.118 – Email: [email protected]
SPECIAL-ART-LTD.COM – 193.105.134.233 – Email: [email protected]
SPECIAL-ART-UK.CC – 193.105.134.234
SUBLIME-LTD.NET – 98.141.220.118 – Email: [email protected]
TARGETMARKETGROUP-LLC.CC – 98.141.220.117 – Email: [email protected]
TAZPROGLTD-US.COM – 98.141.220.117 – Email: [email protected]
VNSPROJECT-DE.CC – 78.46.105.205 – Email: [email protected]
VORTEXLLC-UK.COM – 193.105.134.232 – Email: admin[email protected]
VORTEX-LLC-UK.NET – 193.105.134.230 – Email: [email protected]


Name servers of notice:
NS1.NAMESUKNS.CC – 178.162.172.48 – Email: [email protected]
NS2.NAMESUKNS.CC – 69.10.56.131
NS3.NAMESUKNS.CC – 66.199.229.123

NS1.NAMEUK.AT – 178.162.172.57 – Email: [email protected]
NS2.NAMEUK.AT – 69.10.56.132
NS3.NAMEUK.AT – 66.199.229.124

NS1.UKDNSTART.NET – 178.162.172.40 – Email: [email protected]
NS2.UKDNSTART.NET – 69.10.56.130
NS3.UKDNSTART.NET – 66.199.229.122

NS1.DNSUS.SU – 217.23.15.137 – Email: [email protected]
NS2.DNSUS.SU – 87.118.81.7
NS3.DNSUS.SU – 87.118.81.10

NS1.NAMEUSNS.SU – 217.23.15.138 – Email: [email protected]
NS2.NAMEUSNS.SU – 84.19.161.7
NS3.NAMEUSNS.SU – 84.19.161.10

NS1.USDENNS.SU – 217.23.15.136 –  Email: [email protected]
NS2.USDENNS.SU – 84.19.161.7
NS3.USDENNS.SU – 84.19.161.10

Monitoring of money mule recruitment campaigns is ongoing.

Related posts:
Keeping Money Mule Recruiters on a Short Leash – Part Eight – Historical OSINT
Keeping Money Mule Recruiters on a Short Leash – Part Seven
Keeping Money Mule Recruiters on a Short Leash – Part Six
Keeping Money Mule Recruiters on a Short Leash – Part Five
The DNS Infrastructure of the Money Mule Recruitment Ecosystem
Keeping Money Mule Recruiters on a Short Leash – Part Four
Money Mule Recruitment Campaign Serving Client-Side Exploits
Keeping Money Mule Recruiters on a Short Leash – Part Three
Money Mule Recruiters on Yahoo!’s Web Hosting
Dissecting an Ongoing Money Mule Recruitment Campaign
Keeping Money Mule Recruiters on a Short Leash – Part Two
Keeping Reshipping Mule Recruiters on a Short Leash
Keeping Money Mule Recruiters on a Short Leash
Standardizing the Money Mule Recruitment Process
Inside a Money Laundering Group’s Spamming Operations
Money Mule Recruiters use ASProx’s Fast Fluxing Services
Money Mules Syndicate Actively Recruiting Since 2002

This post has been reproduced from Dancho Danchev’s blog.

Leave a reply


Categories

THURSDAY, SEPTEMBER 21, 2017

Featured

Archives

Latest Comments

Social Networks