Seite 1 von 18 12311 ... LetzteLetzte
Ergebnis 1 bis 10 von 178

Thema: China Spammer

  1. #1
    Urgestein
    Registriert seit
    18.07.2005
    Beiträge
    7.482

    Standard China Spammer

    Anscheinend ist einer meiner Adressen mal wieder einem China-Spammer in die Hände gefallen, der ähnlich wie die Mugus versendet. Also: Versand von einer chines. Dyn-IP über einen gecrackten (Mail-)Server zur Verschleierung als Kontakt nur Freemailer-Adressen. Der Body immer in Base64 kodiert. Bsp.:


    header:
    01: Received: from loki.asgardtechnology.com
    02: (173-13-70-24-NewEngland.hfc.comcastbusiness.net [173.13.70.24])
    03: by xxxxx (Postfix) with ESMTP ID: [ID filtered]
    04: for xxxxx; Sun, 21 Mar 2010 xx:xx:xx +0100 (CET)
    05: Received: from xiaofeng ([222.223.71.40]) by loki.asgardtechnology.com
    06: with Microsoft SMTPSVC(6.0.3790.3959);
    07: Sat, 20 Mar 2010 xx:xx:xx -0400

    IP: 222.223.71.40 ---> 40.71.223.222.broad.qh.he.dynamic.163data.com.cn

    We are a China based studio providing innovative and cost effective CAD
    drafting and design solutions that provide value to business needs. We
    introduced ourselves with a vision to be the best rather than to be the
    biggest of all the players in the industry. We truly believe in aligning
    ourselves with our customer’s goals, objectives and needs and build
    long-term relationships.

    Our focus revolves around the specific needs of our client providing the
    quality-centric solutions. With years of experience in the industry,
    proficient knowledge of the services and incessant changing technology
    and skills we have turned out to be an organization, which has developed
    an edge over others in the industry and our clients reflect no
    inhibitions to reflect the same. We truly understand the difference
    between design and style and our work justifies it because we do the
    basic homework i.e. framing out your needs and objective.

    We have earned experience from a wide variety of CAD drafting and design
    projects done for our customers throughout US and Europe. We have also
    specialized ourselves in AutoCAD designs. Our highly specialized can
    turn around your projects overnight. With our expertise in AutoCAD
    drafting services, we are able to convert your original document (hand
    drafted or scanned) into an error free DXF, DGN, DWG format.

    Services:
    AutoCAD Design
    AutoCAD Conversion
    AutoCAD Drawings
    AutoCAD Engineering
    2D to 3D conversions
    Architectural renderings
    Raster to vector conversion
    Architectural drawings
    GIS conversion
    Logo vectorization
    Digitizing maps
    Legacy drawing conversion

    Best regards,
    Ben
    Bensameas AutoCAD Solutions
    Contact: ibautocad@yeah.net


    Pls send address to autocadremove123@msn.com for remove
    autocadremove123@msn.com

    ibautocad@yeah.net

    guansjdi56sachi@yahoo.com


    - kjz
    mein Credo: die 10 größten ROKSO-Spammer aus dem Verkehr gezogen, und 80 % des weltweiten Spam-Problems hätte sich mit einem Schlag erledigt....

  2. #2
    Urgestein
    Registriert seit
    18.07.2005
    Beiträge
    7.482

    Standard

    anderer Text, selber Spammer:


    header:
    01: Received: from mail.flaorthopedics.com (mail.flaorthopedics.com
    02: [74.9.202.9])
    03: by xxxxx (Postfix) with ESMTP ID: [ID filtered]
    04: for xxxxx; Fri, 19 Mar 2010 xx:xx:xx +0100 (CET)
    05: Received: from cab4f0e754d14c7 ([59.108.53.254]) by
    06: mail.flaorthopedics.com with Microsoft SMTPSVC(6.0.3790.3959);
    07: Thu, 18 Mar 2010 xx:xx:xx -0400

    IP: 59.108.53.254 ---> Beijing Capital Telecom Technology Co.,LTD

    iPhone Application Development

    We are China based company explicitly active for iPhone software
    programming solutions and Mobile Application Development services as
    well as wireless application (WAP) development. We are organized to
    deliver premium quality services to our clients ranging from large
    organizations to smaller groups and individuals from all over the
    sphere. We implement creative ideas with latest technologies and
    constantly eager to meet all needs of our clients with supreme level
    customer care with a view to maintain long-term business relations.

    Our team is perfect blend of experience and talented Mobile Application
    Developers, who are successfully providing appropriate & quality
    solutions to our global iPhone clients according to their respective
    needs like Android Mobile Application Development & Mobile Website
    Development. We believe our enthusiastic approach towards latest mobile
    technologies directly increase our mobile application development
    proficiency in form of iPhone Application Development, iPhone 3G
    Games/Mac Games Development and iPhone Calendar Application Development.

    We undertake offshore iPhone enhancement projects as well as provide all
    type mobile application development solution to our clients as well as
    they can Hire iPhone Application Developers for their specific demands .
    iPhone is the symbol of creativity which demands customize application
    development and iPhone application development India provides customized
    services to our iPhone lover clients such as Custom iPhone Icons/Themes
    Design .

    Achieving highest level of customer satisfaction in mobile application
    solutions is our studio motto.

    Services offered:
    iPhone Application Development
    Hire iPhone Programmers
    iPhone Game Development
    iPhone Theme & Icon Design
    iPhone Calendar Application Development
    Mobile Application Development
    Android Mobile Application Development
    Mobile Website Development
    Wireless (WAP) Mobile Applications Development
    Windows Mobile Application Development
    J2ME based Mobile Application Development

    Thanks,
    Garrison
    ITKAVOIA iPhone Application Development
    Contact: iphoneibtech@yeah.net


    Pls send address to iphoneappremove@sohu.com for remove
    iphoneibtech@yeah.net

    iphoneappremove@sohu.com

    fengxiaogans30ga@yahoo.com


    - kjz
    mein Credo: die 10 größten ROKSO-Spammer aus dem Verkehr gezogen, und 80 % des weltweiten Spam-Problems hätte sich mit einem Schlag erledigt....

  3. #3
    Urgestein
    Registriert seit
    18.07.2005
    Beiträge
    7.482

    Standard

    Und wieder der China-Spammer:


    header:
    01: Received: from PORTLAND.shamrocksports.local
    02: (rrcs-24-97-165-83.nys.biz.rr.com [24.97.165.83])
    03: (using TLSv1 with cipher AES128-SHA (128/128 bits))
    04: (No client certificate requested)
    05: by xxxxx (Postfix) with ESMTP ID: [ID filtered]
    06: for xxxxx; Tue, 23 Mar 2010 xx:xx:xx +0100 (CET)
    07: Received: from tommycs (219.132.152.50) by PORTLAND.shamrocksports.local
    08: (192.168.10.10) with Microsoft SMTP Server ID: [ID filtered]
    09: xx:xx:xx -0400

    IP: 219.132.152.50 ---> CHINANET Guangdong

    We are a China based studio providing innovative and cost effective CAD
    drafting and design solutions that provide value to business needs. We
    introduced ourselves with a vision to be the best rather than to be the
    biggest of all the players in the industry. We truly believe in aligning
    ourselves with our customer’s goals, objectives and needs and build
    long-term relationships.

    Our focus revolves around the specific needs of our client providing the
    quality-centric solutions. With years of experience in the industry,
    proficient knowledge of the services and incessant changing technology
    and skills we have turned out to be an organization, which has developed
    an edge over others in the industry and our clients reflect no
    inhibitions to reflect the same. We truly understand the difference
    between design and style and our work justifies it because we do the
    basic homework i.e. framing out your needs and objective.

    We have earned experience from a wide variety of CAD drafting and design
    projects done for our customers throughout US and Europe. We have also
    specialized ourselves in AutoCAD designs. Our highly specialized can
    turn around your projects overnight. With our expertise in AutoCAD
    drafting services, we are able to convert your original document (hand
    drafted or scanned) into an error free DXF, DGN, DWG format.

    Services:
    AutoCAD Design
    AutoCAD Conversion
    AutoCAD Drawings
    AutoCAD Engineering
    2D to 3D conversions
    Architectural renderings
    Raster to vector conversion
    Architectural drawings
    GIS conversion
    Logo vectorization
    Digitizing maps
    Legacy drawing conversion

    Best regards,
    Paul
    Benhomassams Cad Solution
    Contact: ibautocad@yeah.net

    Pls send address to autocadremove8@msn.com for remove
    autocadremove8@msn.com

    ibautocad@yeah.net

    gethtefasad32sie@msn.com

    dandevelop@yeah.net


    - kjz
    mein Credo: die 10 größten ROKSO-Spammer aus dem Verkehr gezogen, und 80 % des weltweiten Spam-Problems hätte sich mit einem Schlag erledigt....

  4. #4
    Urgestein
    Registriert seit
    18.07.2005
    Beiträge
    7.482

    Standard

    Wieder nach Mugu-Art, also über einen gecrackten Mailserver abgekübelt:


    header:
    01: Received: from hammerhead.seacrest.com (unknown [116.50.178.246])
    02: by xxxxx (Postfix) with ESMTP ID: [ID filtered]
    03: for xxxxx; Mon, 29 Mar 2010 xx:xx:xx +0200 (CEST)
    04: Received: from CYIBMCORE ([222.77.187.134] RDNS failed) by
    05: hammerhead.seacrest.com with Microsoft SMTPSVC(6.0.3790.3959);
    06: Sun, 28 Mar 2010 xx:xx:xx +0800

    IP: 222.77.187.134 ---> CHINANET fujian

    Digital Photo Editing Services :

    We are a China based Imaging Professionals. We offer basic and advanced
    digital photo Editing services and solutions like photo Cutout,
    morphological photo Editing, photoshop photo Editing, satellite photo
    Editing, color photo Editing and vector photo Editing using latest
    techniques.

    Our mainly services are:

    1. Photo Cutout
    2. Photo Enhancement
    3. Photo Retouching
    4. Vector Conversion
    5. Pop Art
    6. Images Masking
    7. Clipping Path
    8. Photo Restoration
    9. Web Design

    Best regards,
    Jason
    Rallaceasamn Imaging Professionals
    Contact: wallacecontact@yeah.net

    Pls send address to removeinlcide123@msn.com for remove
    wallacecontact@yeah.net

    removeinlcide123@msn.com

    qilixiangx32ioshi@msn.com


    - kjz
    mein Credo: die 10 größten ROKSO-Spammer aus dem Verkehr gezogen, und 80 % des weltweiten Spam-Problems hätte sich mit einem Schlag erledigt....

  5. #5
    Urgestein
    Registriert seit
    18.07.2005
    Beiträge
    7.482

    Standard

    Und wieder mal der Chinamann:


    header:
    01: Received: from w2k8exchange.armoniasim.local (unknown [213.215.180.82])
    02: (using TLSv1 with cipher AES128-SHA (128/128 bits))
    03: (No client certificate requested)
    04: by xxxxx (Postfix) with ESMTP ID: [ID filtered]
    05: for xxxxx; Fri, 2 Apr 2010 xx:xx:xx +0200 (CEST)
    06: Received: from cylocal (222.77.187.134) by w2k8exchange.armoniasim.local
    07: (10.100.100.2) with Microsoft SMTP Server ID: [ID filtered]
    08: xx:xx:xx +0200

    IP: 222.77.187.134 ---> CHINANET fujian

    Website Design & Development:

    Our website creation services provide effective, affordable web design,
    website creation and web development solutions for individuals and small
    business, such as our business startup package, you can even design your
    own website with our content management websites.

    Whether you are an individual needing a basic website of a few pages, a
    large or small business requiring a custom e-commerce shop or content
    management solutions, we have the experience and web solutions to build
    just what you want for your ebusiness, on time and on budget. Please
    feel free to ask us for a free web design quote.

    Core offerings:

    Business website design
    Business website redesign
    Flash website design
    Flash website redesign
    Ecommerce website design
    Ecommerce website redesign
    Company website design
    Company catalog design
    Company logo design
    SEO service
    ERP Solutions

    Pls check our website to see our portfolios.

    Best regards,
    Jonathan
    Jonathanoonm Information Technologies
    Website Team
    Contact: ibjonathan@yeah.net

    Send address to kindljohasthan@msn.com for remove
    ibjonathan@yeah.net

    kindljohasthan@msn.com


    - kjz
    mein Credo: die 10 größten ROKSO-Spammer aus dem Verkehr gezogen, und 80 % des weltweiten Spam-Problems hätte sich mit einem Schlag erledigt....

  6. #6
    Urgestein
    Registriert seit
    18.07.2005
    Beiträge
    7.482

    Standard

    Und wieder mal der Chinamann über gecrackten Schulserver:


    header:
    01: Received: from w2k8exchange.armoniasim.local (unknown [213.215.180.82])
    02: (using TLSv1 with cipher AES128-SHA (128/128 bits))
    03: (No client certificate requested)
    04: by xxxxx (Postfix) with ESMTP ID: [ID filtered]
    05: for xxxxx; Sun, 4 Apr 2010 xx:xx:xx +0200 (CEST)
    06: Received: from DANIELINC (222.168.18.197) by w2k8exchange.armoniasim.local
    07: (10.100.100.2) with Microsoft SMTP Server ID: [ID filtered]
    08: xx:xx:xx +0200

    IP: 222.168.18.197 ---> CHANGCHUN-SHENGWEIDANGXIAO-SCHOOL

    Website Design & Development:

    Our website creation services provide effective, affordable web design,
    website creation and web development solutions for individuals and small
    business, such as our business startup package, you can even design your
    own website with our content management websites.

    Whether you are an individual needing a basic website of a few pages, a
    large or small business requiring a custom e-commerce shop or content
    management solutions, we have the experience and web solutions to build
    just what you want for your ebusiness, on time and on budget. Please
    feel free to ask us for a free web design quote.

    Core offerings:

    Business website design
    Business website redesign
    Flash website design
    Flash website redesign
    Ecommerce website design
    Ecommerce website redesign
    Company website design
    Company catalog design
    Company logo design
    SEO service
    ERP Solutions

    Pls check our website to see our portfolios.

    Best regards,
    Jonathan
    Jonathanoonm Information Technologies
    Website Team
    Contact: ibjonathan@yeah.net

    Pls send address to jjonaiberemove@yahoo.com for remove
    ibjonathan@yeah.net

    jjonaiberemove@yahoo.com

    ibalextech@yeah.net


    - kjz
    mein Credo: die 10 größten ROKSO-Spammer aus dem Verkehr gezogen, und 80 % des weltweiten Spam-Problems hätte sich mit einem Schlag erledigt....

  7. #7
    Verbalakrobat Avatar von Goofy
    Registriert seit
    17.07.2005
    Ort
    Überall und nirgends
    Beiträge
    23.899

    Standard

    Vielleicht verkaufen die Russen sowohl an die Mugus als auch an andere Spammer "Kits" zum Spammen, in Form von gecrackten Mailservern, Ratware, Botnetz. Das würde die sich oft ähnelnde Handschrift erklären.
    Goofy
    ______________________________
    Weisheiten des Trullius L. Guficus, 80 v.Chr.:
    "Luscinia, te pedem supplodere audio" - Nachtigall, ick hör dir trapsen
    "Vita praediolum eculeorum non est" - Das Leben ist kein Ponyhof
    "Avia mea in stabulo gallinario rotam automotam vehit" - Meine Oma fährt im Hühnerstall Motorrad
    "Sed illi, dicito: me in ano lambere potest" - Jenem aber, sag es ihm: er kann mich am Arsch lecken

  8. #8
    Urgestein
    Registriert seit
    18.07.2005
    Beiträge
    7.482

    Standard

    Zitat Zitat von Goofy Beitrag anzeigen
    Vielleicht verkaufen die Russen sowohl an die Mugus als auch an andere Spammer "Kits" zum Spammen, in Form von gecrackten Mailservern, Ratware, Botnetz. Das würde die sich oft ähnelnde Handschrift erklären.
    Zumindestens ist zu vermuten, dass auf den Botnetzen automat. 'Crack-Screenings' laufen. Schaue ich mal in den Error-Log meines Apachen, so wird dort immer wieder nach versch. PHP-Verzeichnissen, Perl oder auch .exe Dateien (IIS) gesucht (natürlich ohne Erfolg). Da wird also gezielt das Netz nach exploitbaren Installationen abgesucht. Und wenn das Botnetz 'Erfolg' melden sollte, werden dann die 'Crack-Skripte' daraufhin angesetzt. Alles per Skript automatisiert. Insofern dürften den Russkis ständig gecrackte Server in ausreichender Anzahl zur Verfügung stehen.

    Was aber andersherum auch heisst: wer heutzutage einen Webserver betreibt, sollte die Installation immer unter Kontrolle halten, alles andere ist (leider) ziemlich fahrlässig. Was ansonsten passiert, sieht man ja z. Bsp. beim Umweltbundesamt.

    - kjz
    mein Credo: die 10 größten ROKSO-Spammer aus dem Verkehr gezogen, und 80 % des weltweiten Spam-Problems hätte sich mit einem Schlag erledigt....

  9. #9
    Verbalakrobat Avatar von Goofy
    Registriert seit
    17.07.2005
    Ort
    Überall und nirgends
    Beiträge
    23.899

    Standard

    Könnte man nicht mal so eine Zusammenstellung der Dateien machen, die bei diesen Screenings abgefragt werden? Wenn sich an so einer Sammlung mehrere Serverbetreiber beteiligen würden, könnte man evtl. bestimmte Muster erkennen.
    Goofy
    ______________________________
    Weisheiten des Trullius L. Guficus, 80 v.Chr.:
    "Luscinia, te pedem supplodere audio" - Nachtigall, ick hör dir trapsen
    "Vita praediolum eculeorum non est" - Das Leben ist kein Ponyhof
    "Avia mea in stabulo gallinario rotam automotam vehit" - Meine Oma fährt im Hühnerstall Motorrad
    "Sed illi, dicito: me in ano lambere potest" - Jenem aber, sag es ihm: er kann mich am Arsch lecken

  10. #10
    Urgestein
    Registriert seit
    18.07.2005
    Beiträge
    7.482

    Standard

    Zitat Zitat von Goofy Beitrag anzeigen
    Könnte man nicht mal so eine Zusammenstellung der Dateien machen, die bei diesen Screenings abgefragt werden?
    Aktuell kann ich nicht mit allzu viel dienen, ich habe da zitiert, was mir bei Durchsicht der Logfiles im Gedächtnis blieb. Ganz frisch habe ich folgendes gesehen:

    ...../htdocs/install.txt
    ...../htdocs/cart
    ...../htdocs/zencart
    ...../htdocs/zen-cart
    ...../htdocs/zen
    ...../htdocs/shop
    ...../htdocs/butik
    ...../htdocs/zcart
    ...../htdocs/shop2
    ...../htdocs/catalog
    ...../htdocs/boutique
    ...../htdocs/cart
    ...../htdocs/store
    Hier wird offensichtlich nach Zen-Cart gesucht. Zen-Cart ist ein Open Source Shopping System, basierend auf PHP und mySQL. Adressen und Kreditkartendaten sind da sicher von Interesse... Was tun bei einem Hack? Und die Sicherheitsempfehlungen (hier wird z. Bsp. auch empfohlen, die oben genannte install.txt zu löschen).

    - kjz
    mein Credo: die 10 größten ROKSO-Spammer aus dem Verkehr gezogen, und 80 % des weltweiten Spam-Problems hätte sich mit einem Schlag erledigt....

Seite 1 von 18 12311 ... LetzteLetzte

Ähnliche Themen

  1. China Produkte?
    Von madsi im Forum 1.2 international
    Antworten: 4
    Letzter Beitrag: 26.11.2009, 22:20
  2. Greetings From China !!!!
    Von schara56 im Forum 1.3 419 (Nigerian Fraud Letters)
    Antworten: 1
    Letzter Beitrag: 04.07.2008, 09:43
  3. [UCE] Print in China
    Von mindphlux im Forum 1.1 deutschsprachig
    Antworten: 4
    Letzter Beitrag: 27.09.2004, 22:55
  4. [uce] naturstein aus china
    Von whiskyshop24 im Forum 1.1 deutschsprachig
    Antworten: 1
    Letzter Beitrag: 14.09.2004, 01:58

Lesezeichen

Lesezeichen

Berechtigungen

  • Neue Themen erstellen: Nein
  • Themen beantworten: Nein
  • Anhänge hochladen: Nein
  • Beiträge bearbeiten: Nein
  •  
Partnerlink:
REDDOXX Anti-Spam Lösungen