Tuesday, August 6, 2013

AKC (American Kennel Club) Facebook Account Hacked: Spammers Use Fake BBC Site


A post was made yesterday by someone using the AKC Facebook page:
American Kennel Club
You Should See This http://tinyurl.com/koe2kqu
Here is an image of the post:


The shortened URL directs people to the site:
http://www.bbc.com-592.net/?874456
The spammers are pretending to be the "BBC"; they are not.
Here is an image of the fake BBC site:

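That host name is a sub-domain of the following domain, so the "bbc.com" at the front is only a label chosen by whoever controls that domain: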
com-592.net
That domain is registered to this person:
Address lookup
canonical name com-592.net.
aliases
addresses 46.251.237.100

Domain Whois record
Queried whois.internic.net with "dom com-592.net"...
Domain Name: COM-592.NET
Registrar: MONIKER ONLINE SERVICES LLC
Whois Server: whois.moniker.com
Referral URL: http://www.moniker.com/
Name Server: NS1.MONIKERDNS.NET
Name Server: NS2.MONIKERDNS.NET
Name Server: NS3.MONIKERDNS.NET
Name Server: NS4.MONIKERDNS.NET
Status: clientDeleteProhibited
Status: clientTransferProhibited
Status: clientUpdateProhibited
Updated Date: 01-aug-2013
Creation Date: 01-aug-2013
Expiration Date: 01-aug-2014
>>> Last update of whois database: Tue, 06 Aug 2013 02:13:50 UTC <<<

Queried whois.moniker.com with "com-592.net"...
Domain Name: COM-592.NET
Registrar: MONIKER
Registrant [4285516]:
Walter White walterwhitebb1@live.com
9142 Las Vegas Blvd
Las Vegas
NV
89165
US

Administrative Contact [4285516]:
Walter White walterwhitebb1@live.com
9142 Las Vegas Blvd
Las Vegas
NV
89165
US
Phone: +1.9491515295

Billing Contact [4285516]:
Walter White walterwhitebb1@live.com
9142 Las Vegas Blvd
Las Vegas
NV
89165
US
Phone: +1.9491515295

Technical Contact [4285516]:
Walter White walterwhitebb1@live.com
9142 Las Vegas Blvd
Las Vegas
NV
89165
US
Phone: +1.9491515295

Domain servers in listed order:
NS1.MONIKERDNS.NET 207.189.109.117
NS2.MONIKERDNS.NET 63.149.176.25
NS3.MONIKERDNS.NET 207.189.109.118
NS4.MONIKERDNS.NET 63.149.176.26
Record created on: 2013-08-01 12:41:07.0
Database last updated on: 2013-08-01 12:40:55.12
Domain Expires on: 2014-08-01 12:41:09.0

Network Whois record
Queried whois.ripe.net with "-B 46.251.237.100"...
% Information related to '46.251.237.0 - 46.251.237.255'
% Abuse contact for '46.251.237.0 - 46.251.237.255' is 'abuse@optimate-server.de'
inetnum: 46.251.237.0 - 46.251.237.255
netname: EXETEL-DE
descr: EXETEL ISP
country: DE
admin-c: TJ1504-RIPE
tech-c: TJ1504-RIPE
status: ASSIGNED PA
mnt-by: MNT-WHITE
mnt-lower: MNT-WHITE
mnt-routes: MNT-WHITE
changed: medler@optimate-server.de 20110321
source: RIPE
person: Tim Joe
address: Krantzstr 7
address: DE-52070 Aachen
phone: +49 2415380891
mnt-by: MNT-WHITE
e-mail: abuse@exetel.de
nic-hdl: TJ1504-RIPE
changed: medler@optimate-server.de 20110122
source: RIPE
% Information related to '46.251.224.0/20AS197043'
route: 46.251.224.0/20
descr: Webtraffic
origin: AS197043
mnt-by: MNT-WHITE
changed: medler@optimate-server.de 20100429
source: RIPE
% This query was served by the RIPE Database Query Service version 1.66.3 (WHOIS1)

DNS records
DNS query for 100.237.251.46.in-addr.arpa returned an error from the server: NameError
name class type data time to live
com-592.net IN A 46.251.237.100 7200s (02:00:00)
com-592.net IN NS ns3.monikerdns.net 7200s (02:00:00)
com-592.net IN NS ns1.monikerdns.net 7200s (02:00:00)
com-592.net IN NS ns2.monikerdns.net 7200s (02:00:00)
com-592.net IN NS ns4.monikerdns.net 7200s (02:00:00)
com-592.net IN SOA
server: ns1.monikerdns.net
email: dnsadmin@moniker.com
serial: 2013080100
refresh: 10800
retry: 3600
expire: 604800
minimum ttl: 21600
7200s (02:00:00)
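The two signals visible in this post, a brand's domain embedded in the host name of an unrelated domain and a registration only days old, can be checked automatically. The sketch below is an added example, not part of the original post; the short suffix list, the brand watch list and all function names are assumptions made for illustration.

```python
from datetime import date
from urllib.parse import urlsplit

# Assumptions: a hand-made suffix list (production code should load the full
# Public Suffix List) and a hypothetical brand watch list.
SUFFIXES = {"com", "net", "org", "co.uk"}
BRANDS = ("bbc.com", "bbc.co.uk")
MONTHS = {m: i for i, m in enumerate(
    "jan feb mar apr may jun jul aug sep oct nov dec".split(), 1)}

def registrable_domain(host):
    """Return the public suffix plus one label, e.g. com-592.net."""
    labels = host.lower().rstrip(".").split(".")
    for i in range(len(labels)):  # longest candidate suffix is tried first
        if ".".join(labels[i:]) in SUFFIXES:
            return ".".join(labels[max(i - 1, 0):])
    return ".".join(labels[-2:])

def impersonated_brand(url):
    """Name the brand whose domain starts a label run of a foreign host,
    continued by '-' or '.', else None."""
    host = (urlsplit(url).hostname or "").rstrip(".")
    if registrable_domain(host) in BRANDS:
        return None  # genuinely under the brand's own domain
    labels = host.split(".")
    for i in range(len(labels)):
        tail = ".".join(labels[i:])
        for brand in BRANDS:
            if tail.startswith(brand) and tail[len(brand):len(brand) + 1] in ("-", "."):
                return brand
    return None

def whois_creation_date(whois_text):
    """Parse the registry-style 'Creation Date: 01-aug-2013' line."""
    for line in whois_text.splitlines():
        key, _, value = line.partition(":")
        if key.strip().lower() == "creation date":
            day, mon, year = value.strip().split("-")
            return date(int(year), MONTHS[mon.lower()], int(day))
    return None

def domain_age_days(whois_text, seen_on):
    created = whois_creation_date(whois_text)
    return None if created is None else (seen_on - created).days

# Values copied from the post above; the date used is the blog post's own date.
URL = "http://www.bbc.com-592.net/?874456"
WHOIS = "Domain Name: COM-592.NET\nCreation Date: 01-aug-2013\n"
if __name__ == "__main__":
    print(impersonated_brand(URL), domain_age_days(WHOIS, date(2013, 8, 6)))
```

For the URL in this post the check reports the embedded brand `bbc.com` under the registrable domain `com-592.net`, and a domain age of 5 days on the date of the post.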
