Results 1 to 2 of 2
  1. #1
    ABW Veteran jc101's Avatar
    Join Date
    January 18th, 2005
    Location
    Santa Cruz, CA
    Posts
    4,597
    Spammers using Matrix as bait to plant trojans
    Sydney Morning Herald, Australia - Oct 28, 2003
    Another day, another little bit of social engineering by spammers in a bid to
    use email and trick users into downloading trojans to their computers.

    http://www.smh.com.au/articles/2003/...233227240.html

    Jason
    xtremeshopping.org
    aim: ssn jason
    <a href="http://www.xtremeshopping.org/affiliateconsulting.html"target="_blank">Xtreme's partnership information<a>

    "Do what you love and make money in the process. Turn your knowledge into income."

  2. #2
    2005 Linkshare Golden Link Award Winner  ecomcity's Avatar
    Join Date
    January 18th, 2005
    Location
    St Clair Shores MI.
    Posts
    17,328
    Messenger Service Spam Hall of Shame. D Squared Solutions LLC

    This is the page D Squared Solutions LLC's lawyer demanded be removed in its entirety when they threatened our web host.
    Legal Threat - Final Warning

    Having seemingly been kicked off their Exodus.Net hosting at 64.70.45.200 it appears that the D Squared spam operation has now moved its spamming headquarters out of country and into China. They now appear to be sending spams from a variety of addresses on the NH-CABLE-COM-CN Network.

    New Identified PopUp Spam Addresses sending spams advertising D Squared Solutions LLC sites:
    210.5.22.10
    210.5.22.11
    210.5.22.17
    210.5.22.18
    210.5.22.19
    210.5.22.20
    210.5.22.21
    210.5.22.22
    210.5.22.23

    These new addresses already grace 2 pages of our spam database at the time of writing (06-20-2003). Database Entries. We are sure you will recognise many of these ads and some will likely be surprised that they all appear to be the work of the same spam outfit. As these machines appear to be running the Linux OS and it is reasonably safe to assume that these machines are running socks5 proxy service on non default ports and the spam is being relayed from San Diego through these proxies. Over the past couple of weeks we have received some interesting responses requesting in regard to our requests for more info on this outfit. We are currently working on verifying submitted information before publishing.

    inetnum: 210.5.22.0 - 210.5.22.31
    netname: NH-CABLE-COM-CN
    descr: Nanhan da road, Gui Cheng district Nanhaicity ,Guangdongprovince,
    descr: china
    country: CN
    admin-c: BF14-AP
    tech-c: HO31-AP
    mnt-by: MAINT-CN-GUANGTONG
    changed: hostmaster@optisp.com 20020411
    status: ASSIGNED NON-PORTABLE
    source: APNIC
    changed: hm-changed@apnic.net 20020827
    person: Ben Feng
    address: Room 5806-07, CITIC Plaza,#233, Tianhebei Rd. Guangzhou, GD
    country: CN
    phone: +8620-38771150-2801
    fax-no: +8620-38771150-2801
    e-mail: ben@optisp.com
    nic-hdl: BF14-AP
    mnt-by: MAINT-NEW
    changed: hostmaster@apnic.net 20011019
    source: APNIC

    person: Hostmaster OPTISP
    address: Guangtong IDC, 3/F, #58 Jianzhong Rd. Ruanjianyuan, Guangzhou,GD, P.R.China
    country: CN
    phone: +8620-85559257
    fax-no: +8620-85532360
    e-mail: hostmaster@optisp.com
    nic-hdl: HO31-AP
    mnt-by: MAINT-NEW
    changed: hostmaster@optisp.com 20020311
    source: APNIC


    Update

    D Squared Solutions LLC Finally Unmasked.

    We are sure that by now many of our readers that have been repeatedly spammed by these people (who in OUR OPINION are scumbags) are itching to know who is behind D Squared Solutions LLC. We are now able to identify two of the faces behind the spam operation and throw in some other rather interesting supportive facts. It took many hours of diligent research and piecing together many fragments of evidence to arrive at these these results and be able to provide the required proof before writing.

    It is a fact that this companies ads create an ongoing spam nuisance, then claim they are trying to help people fight the spam by selling them a message blocking program to block the spam, their company sends. What if we were to tell you that the very same company also sell spam tools? Hypocritical in our opinion maybe that they spam you 10 times a day claiming they want to help you fight spam by selling you an ad blocker yet on the other hand are selling tools to spammers? It appears that these people (who in OUR OPINION are scumbags) are playing both sides of the fence.

    D Squared Solutions LLC is owned by one Anish Dhingra who also incidentally runs www.broadcastmarketer.com which sells popup spam tools. How do we know? Following the links to the buy now page takes you to the billing details which clearly states at the bottom of the page. Interesting links: Jenett Radio three quarters of the way down the page entitled AOL Blocks Messenger Spam. News.Com article quoting Dhingra. Badads.Org article entitled AOL, Spammer dukes it out. CERT article. OnlineJournalism.Com article entitled AOL battles against instant spam. Dmsolutions.net article about spam.

    NOTE:
    Your credit card statement will report this charge as:
    "D Squared Solutions"

    [Amendment] The above information has now been removed from the billing details page but it still shows "squaredbilling" in the url https://ignite.combustionlabs.com/sq...stmarketer.php

    A Whois lookup provides further information verifying that the domain belongs to the same outfit.

    Registrant:
    d squared
    PO BOX 927142
    San Diego, CA 92129-7142
    US

    Domain Name: BROADCASTMARKETER.COM

    Administrative Contact:
    SpamSlammers (Interesting inclusion in their domain details - this *is not* related to us)
    Admin
    PO BOX 927142
    San Diego, CA 92129-7142
    US
    800-453-3422
    msgaway2003@yahoo.com

    Technical Contact, Zone Contact:
    d squared
    Admin
    PO BOX 927142
    San Diego, CA 92129-7142
    US
    800-453-3422
    msgaway2003@yahoo.com

    Domain created on 20-Oct-2002
    Domain expires on 20-Oct-2004
    Last updated on 13-Feb-2003

    Domain servers in listed order:

    NS.COMBUSTIONLABS.COM
    NS2.COMBUSTIONLABS.COM



    We also found another domain belonging to them using the same combustionlabs.com nameservers which is www.oktanedesign.com

    What else do we know about Anish Dhingra?

    More facts of interest are to be found here which name Anish Dhingra as the head of Broadcast Marketer which incidentally looks like a tool made by a child after downloading the demo version and installing it on a test computer. I would rate it about 2 out of 10 if I had the slightest interest in reviewing scumware of this type.

    We are reliably informed that Anish Dhingra lives at the below address which was also further confirmed by their lawyer.

    Anish Dhingra
    5240 Fiore Terrace
    J317 , CA 92122
    661-755-3656
    anishd@san.rr.com


    You can contact Anish Dhingra at the above address.

    We are further informed by the same anonymous source that supplied the above these are other contact numbers for Anish Dhingra and Jeff Davis.

    Anish Dhingra 858-245-1842

    Anish Dhingra & Jeff Davis (Home) 858-794-7060

    Jeff Davis 858-220-1248

    BroadcastMarketer
    Anish Dhingra, president
    Phone: 858-455-1617
    E-mail: customerservice@broadcastmarketer.com


    Items above in italics sourced from BadAds.Org who also invite you to "write these poor misguided folks and reeducate them"


    We have also good reason to believe that Jeff Davis is also a partner in D Squared Solutions LLC and this would possibly account for the name D Squared (D to the power of 2) Dhingra and Davis.

    Their Broadcast Marketer program contains some interesting strings viewable with a hex editor showing the below

    e:\Documents and Settings\jdavis\My Documents\Visual Studio Projects\BroadcastMarketer\Release\BroadcastMarketer.pdb

    The above shows that the user account on the computer used to compile the Broadcast Market program was called "jdavis" and was written in Microsoft Visual C++ which further bears out the theory that Jeff Davis is a partner in D Squared Solutions LLC.

    New Spam Domain WWW.MSGBLOCKER.COM

    This appears to have all the hallmarks of one of their domains, if it isn't theirs then their hosts must be harbouring even more spammers with almost identical
    operations.

    Domain Name: MSGBLOCKER.COM
    Registrar: NAMESDIRECT.COM, INC.
    Whois Server: whois.namesdirect.com
    Referral URL: http://www.namesdirect.com
    Name Server: NS1.MEGANAMESERVERS.COM
    Name Server: NS2.MEGANAMESERVERS.COM
    Name Server: NS3.MEGANAMESERVERS.COM
    Status: ACTIVE
    Updated Date: 20-apr-2003
    Creation Date: 02-apr-2003
    Expiration Date: 02-apr-2004

    Registrant:
    msgBLOCKER
    msgBLOCKER
    msgBLOCKER, msgBLOCKER msgBLOCKER
    US

    Registrar: NAMESDIRECT
    Domain Name: MSGBLOCKER.COM
    Created on: 01-APR-03
    Expires on: 02-APR-04
    Last Updated on: 20-APR-03

    Administrative, Technical Contact:
    BLOCKER, msg support@msgblocker.com
    msgBLOCKER
    msgBLOCKER
    msgBLOCKER, msgBLOCKER msgBLOCKER
    US
    msgBLOCKER

    Domain servers in listed order:
    NS1.MEGANAMESERVERS.COM
    NS2.MEGANAMESERVERS.COM
    NS3.MEGANAMESERVERS.COM

    Screw these spammers and any merchant who knows these domainless wanks are sucking in commissions by pissing off internet shoppers with their e-mail tricks for clicks.

    Mike & Charlie ...

    If they won't adopt and feed a bird ..flip them one! BBQ some Gator and remember to flush WhenU..

  3. Newsletter Signup

+ Reply to Thread

Similar Threads

  1. getting rid of trojans???
    By johanna in forum Midnight Cafe'
    Replies: 6
    Last Post: October 1st, 2003, 12:15 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •