Fw: new message

2015-10-25 Thread Mark Foo
Hey!

 

New message, please read <http://iamakeupartistry.com/red.php?xr7m>

 

Mark Foo



Fw: new message

2015-10-25 Thread Mark Foo
Hey!

 

New message, please read <http://seyanat.com/doing.php?t48j>

 

Mark Foo



Fw: new message

2015-10-25 Thread Mark Foo
Hey!

 

New message, please read <http://thomasguerriero.net/doing.php?l51th>

 

Mark Foo



Re: YAY! Re: Atrivo/Intercage: NO Upstream depeer

2008-09-24 Thread Mark Foo
NANOG:

Look, the people posting here who are trashing Intercage are pure security
analysts -- they know and understand the evil that is Intercage. STOP TRYING
TO ASSIST INTERCAGE -- you are effectively aiding and abetting the enemy.

Intercage/Atrivo hosts the malware C&C botnets that DDoS your systems and
networks.

Intercage/Atrivo hosts the spyware that compromises your users' passwords.

Intercage/Atrivo hosts the adware that slows your customers' machines.

Don't take my word for it, DO YOUR OWN RESEARCH:
http://www.google.com/search?hl=en&q=intercage+malware

You don't get called the ***American RBN*** for hosting a couple bad
machines. They have and will continue to host much of the malware pumped out
of America. THEY ARE NOT YOUR COMRADES.

These people represent the most HIGHLY ORGANIZED CRIME you will ever
come across. Most people were afraid to speak out against them until this
recent ground swell.

This is the MALWARE CARTEL. GET THE PICTURE?

Many links have been posted here that prove this already -- instead of
asking what customers they cut off, let them show WHAT CUSTOMERS ARE LEGIT --
because there are NONE.





  I would suggest a different Step 1.  Instead of killing power, simply
  isolate the affected machine.  This might be as simple as putting up a
  firewall rule or two, if it is simply sending outgoing SMTP spam, or
  it's probably easiest (depending on the network gear of course) to
  just put the lan port into an isolated VLAN. It's not the 100%
  solution (some badness rm's itself once it loses connectivity to the
  internets) but it'd make things simpler for the client/LEA when they
  need to figure out what happened.
 
  -chris
 
 




Re: YAY! Re: Atrivo/Intercage: NO Upstream depeer

2008-09-24 Thread Mark Foo
Russell:

Ferg was just being coy -- what you don't understand is there are about 3 other
security mailing lists plotting to TAKE YOUR SERVICE DOWN. You FAIL. Law
Enforcement might not take action against you (but appear to be interested now),
but the community can. GET OFF THE NET WITH YOUR MALWARE!

You mistake me for someone who believes your pack of lies! Don't you
understand each time you post to this list gives those of us who know the
opportunity to post MORE EVIDENCE of your MALWARE?

You disconnected Hostfresh and think that's the extent of your crimes?
Gimme a break. Only those who are easily socially engineered would believe
your pathetic claims of innocence.
You've BEEN HOSTING MALWARE since 2003 -- SEE Nanog post:

Re: The in-your-face hijacking example
http://www.irbs.net/internet/nanog/0305/0038.html

 Let me know if there's anything else you'd like me to state to the public.

Answer Ferg's question -- Why are you moving to CERNAL? Do you think this
is going to work? That's just another of Emil's networks.

 We're on a rocky road right now. But it IS starting to smooth out.

That's just the calm before the storm.

Go ahead and post a response to each of these allegations:

Cybercrime's US Hosts
http://www.spamhaus.org/news.lasso?article=636

Report Slams U.S. Host as Major Source of Badware
http://voices.washingtonpost.com/securityfix/2008/08/report_slams_us_host_as_major.html?nav=rss_blog

A Superlative Scam and Spam Site Registrar
http://voices.washingtonpost.com/securityfix/2008/09/estdomains.html?nav=rss_blog

ICANN cast as online scam enabler
http://www.theregister.co.uk/2008/09/03/cyber_crime_reports/

'Malware-friendly' Intercage back with the living
http://www.theregister.co.uk/2008/09/24/intercage_back_online/








On Tue, Sep 23, 2008 at 11:50 PM, Russell Mitchell [EMAIL PROTECTED] wrote:

 Hello John Doe,

 I welcome any further comments you have.
 We have to get past people such as yourself, and your blasphemous and false 
 statements.

 This is the same issue with the recent media and self-proclaimed Security 
 Researchers. Fly-by-night mind you.

 To help you out in your claims:
 Yes, we did house a client who had quite a run with their clients from
 various locations, such as Russia.
 That Client is no longer hosted on our network. I myself spent all of Monday
 afternoon, night, and Tuesday morning shutting off EVERY machine they had
 leased in our Billing System. I'm currently working to scan further and see
 if there's anything I may have missed.

 Yes, Russia is very well known for Virus and Malware writers.

 Yes, we have had issues with malware distribution from our network.
 This was directly and near singularly related to the former client of ours.
 We did have another client, Hostfresh, who had their share of malware issues.

 Both have been completely and effectively removed. The servers leased to
 both of them have been canceled, and their machines have been shut off.

 Let me know if there's anything else you'd like me to state to the public.
 We're on a rocky road right now. But it IS starting to smooth out.

 Thank you for your time. Have a great day.
  ---
 Russell Mitchell

 InterCage, Inc.



 - Original Message 
 From: Mark Foo [EMAIL PROTECTED]
 To: Bruce Williams [EMAIL PROTECTED]
 Cc: Christopher Morrow [EMAIL PROTECTED]; nanog@nanog.org; Joe Greco 
 [EMAIL PROTECTED]
 Sent: Tuesday, September 23, 2008 11:08:21 PM
 Subject: Re: YAY! Re: Atrivo/Intercage: NO Upstream depeer

 NANOG:

 Look, the people posting here who are trashing Intercage are pure security
 analysts -- they
 know and understand the evil that is Intercage. STOP TRYING TO ASSIST
 INTERCAGE
 -- you are effectively aiding and abetting the enemy.

 Intercage/Atrivo hosts the malware C&C botnets that DDoS your systems and
 networks.

 Intercage/Atrivo hosts the spyware that compromises your users' passwords.

 Intercage/Atrivo hosts the adware that slows your customers' machines.

 Don't take my word for it, DO YOUR OWN RESEARCH:
 http://www.google.com/search?hl=en&q=intercage+malware

 You don't get called the ***American RBN*** for hosting a couple bad
 machines. They
 have and will continue to host much of the malware pumped out of America.
 THEY
 ARE NOT YOUR COMRADES.

 These people represent the most HIGHLY ORGANIZED CRIME you will ever
 come across. Most people were afraid to speak out against them until this
 recent ground swell.

 This is the MALWARE CARTEL. GET THE PICTURE?

 Many links have been posted here that prove this already -- instead of
 asking
 what customers they cut off, let them show WHAT CUSTOMERS ARE LEGIT--
 because there are NONE.





   I would suggest a different Step 1.  Instead of killing power, simply
   isolate the affected machine.  This might be as simple as putting up a
   firewall rule or two, if it is simply sending outgoing SMTP spam, or
   it's probably easiest (depending on the network gear of course) to
   just put the lan port

Re: YAY! Re: Atrivo/Intercage: NO Upstream depeer

2008-09-24 Thread Mark Foo
.
  ---
 Russell Mitchell

 InterCage, Inc.



 - Original Message 
 From: Mark Foo [EMAIL PROTECTED]
 To: Russell Mitchell [EMAIL PROTECTED]
 Cc: Bruce Williams [EMAIL PROTECTED]; Christopher Morrow [EMAIL 
 PROTECTED]; nanog@nanog.org; Joe Greco [EMAIL PROTECTED]
 Sent: Wednesday, September 24, 2008 12:27:50 AM
 Subject: Re: YAY! Re: Atrivo/Intercage: NO Upstream depeer

 Russell:

 Ferg was just being coy -- what you don't understand is there are about 3 
 other
 security mailing lists plotting to TAKE YOUR SERVICE DOWN. You FAIL. Law
 Enforcement might not take action against you (but appear to be interested 
 now),
 but the community can. GET OFF THE NET WITH YOUR MALWARE!

 You mistake me for someone who believes your pack of lies! Don't you
 understand each
 time you post to this list gives those of us who know the opportunity
 to post MORE EVIDENCE
 of your MALWARE?

 You disconnected Hostfresh and think that's the extent of your crimes?
 Gimme a break.
 Only those who are easily socially engineered would believe your
 pathetic claims of innocence.
 You've BEEN HOSTING MALWARE since 2003 -- SEE Nanog post:

 Re: The in-your-face hijacking example
 http://www.irbs.net/internet/nanog/0305/0038.html

 Let me know if there's anything else you'd like me to state to the public.

 Answer Ferg's question -- Why are you moving to CERNAL? Do you think this
 is going to work? That's just another of Emil's networks.

 We're on a rocky road right now. But it IS starting to smooth out.

 That's just the calm before the storm.

 Go ahead and post a response to each of these allegations:

 Cybercrime's US Hosts
 http://www.spamhaus.org/news.lasso?article=636

 Report Slams U.S. Host as Major Source of Badware
 http://voices.washingtonpost.com/securityfix/2008/08/report_slams_us_host_as_major.html?nav=rss_blog

 A Superlative Scam and Spam Site Registrar
 http://voices.washingtonpost.com/securityfix/2008/09/estdomains.html?nav=rss_blog

 ICANN cast as online scam enabler
 http://www.theregister.co.uk/2008/09/03/cyber_crime_reports/

 'Malware-friendly' Intercage back with the living
 http://www.theregister.co.uk/2008/09/24/intercage_back_online/








 On Tue, Sep 23, 2008 at 11:50 PM, Russell Mitchell [EMAIL PROTECTED] wrote:

 Hello John Doe,

 I welcome any further comments you have.
 We have to get past people such as yourself, and your blasphemous and false 
 statements.

 This is the same issue with the recent media and self-proclaimed Security 
 Researchers. Fly-by-night mind you.

 To help you out in your claims:
 Yes, we did house a client who had quite a run with their clients from
 various locations, such as Russia.
 That Client is no longer hosted on our network. I myself spent all of Monday
 afternoon, night, and Tuesday morning shutting off EVERY machine they had
 leased in our Billing System. I'm currently working to scan further and see
 if there's anything I may have missed.

 Yes, Russia is very well known for Virus and Malware writers.

 Yes, we have had issues with malware distribution from our network.
 This was directly and near singularly related to the former client of ours.
 We did have another client, Hostfresh, who had their share of malware
 issues.

 Both have been completely and effectively removed. The servers leased to
 both of them have been canceled, and their machines have been shut off.

 Let me know if there's anything else you'd like me to state to the public.
 We're on a rocky road right now. But it IS starting to smooth out.

 Thank you for your time. Have a great day.
  ---
 Russell Mitchell

 InterCage, Inc.



 - Original Message 
 From: Mark Foo [EMAIL PROTECTED]
 To: Bruce Williams [EMAIL PROTECTED]
 Cc: Christopher Morrow [EMAIL PROTECTED]; nanog@nanog.org; Joe Greco 
 [EMAIL PROTECTED]
 Sent: Tuesday, September 23, 2008 11:08:21 PM
 Subject: Re: YAY! Re: Atrivo/Intercage: NO Upstream depeer

 NANOG:

 Look, the people posting here who are trashing Intercage are pure security
 analysts -- they
 know and understand the evil that is Intercage. STOP TRYING TO ASSIST
 INTERCAGE
 -- you are effectively aiding and abetting the enemy.

 Intercage/Atrivo hosts the malware C&C botnets that DDoS your systems and
 networks.

 Intercage/Atrivo hosts the spyware that compromises your users' passwords.

 Intercage/Atrivo hosts the adware that slows your customers' machines.

 Don't take my word for it, DO YOUR OWN RESEARCH:
 http://www.google.com/search?hl=en&q=intercage+malware

 You don't get called the ***American RBN*** for hosting a couple bad
 machines. They
 have and will continue to host much of the malware pumped out of America.
 THEY
 ARE NOT YOUR COMRADES.

 These people represent the most HIGHLY ORGANIZED CRIME you will ever
 come across. Most people were afraid to speak out against them until this
 recent ground swell.

 This is the MALWARE CARTEL. GET THE PICTURE?

 Many links have been posted here that prove this already -- instead of
 asking
 what

YAY! Re: Atrivo/Intercage: NO Upstream depeer

2008-09-22 Thread Mark Foo
On Sun, Sep 21, 2008 at 12:46:54PM -0700, Emil Kacperski wrote:
 Hey James,

 That's the worst part in all this, so many been with me for years!? I just
put my fate into companies I shouldn't have.

Emil:

Yes, they have been with you for years -- it's quite unfortunate, such great
customers.

Take those customers who steal identity from the public -- did you get a
cut, or just the hosting fees?

Next, move to those who host trojans, rogue antivirus, bill people for fake
software (and keep billing them), etc. Oh, and the ad-ware, despite being a
lower security risk, it was some of the most hated stuff out there.

I'd say you have put your fate into companies you shouldn't have -- not just
your fate but your business.
This is the logical result (actually, this is just the start). I'm surprised
it took so long.

You can't wash away years of malicious activity by simply claiming innocence
and disconnecting some of your worst offenders.

Male parta male dilabuntur.


For the NANOG folks who apparently don't understand what is going on and are
so easily socially engineered by these claims of innocence -- do a little
research:

http://www.google.com/search?hl=en&q=intercage+malware
http://www.google.com/search?hl=en&q=atrivo+malware


Here's some research for you:
Complaints on Intercage/Atrivo from 2003:
Re: The in-your-face hijacking example
http://www.irbs.net/internet/nanog/0305/0038.html


From 2006:
More super rogue anti-spyware
http://updates.zdnet.com/tags/intercage.com.html

Be on the lookout for another new supposed anti-spyware program that might
be hijacking desktops any day now.
This one is called PestTrap and it's a clone of SpySheriff. SpySheriff was
one of the top 10 rogue anti-spyware apps of 2005, coming in at number 2.

PestTrap site is hosted at IP address 69.50.167.173 which belongs to an ISP
in California, InterCage, Inc., formerly known as Atrivo.  Note the
nameservers are mail.atrrivo.com and pavel.atrivo.com.

OrgName:    InterCage, Inc.
OrgID:      INTER-359
Address:    1955 Monument Blvd.
Address:    #236
City:       Concord
StateProv:  CA
PostalCode: 94520
Country:    US

Not surprisingly, SpySheriff.com (link to whois) is hosted at InterCage, and
we have SpyTrooper.com on the same IP address, 69.50.170.82. The other domain
on the IP is Spy-Sheriff.com. This IP is also currently blacklisted.

InterCage, Inc. INTERCAGE-NETWORK-GROUP (NET-69-50-160-0-1)
  69.50.160.0 - 69.50.191.255
William Lu STANDARDSHELLS (NET-69-50-170-0-1)
  69.50.170.0 - 69.50.170.255

The Intercage.com (link to site) home page is white and blank except for .
in the upper left corner.  Now, that seems odd to me.
An ISP with a blank homepage? Google searches for Intercage.com and
Intercage, Inc. bring up all kinds of interesting links.
A Google search for Atrivo produces even more fascinating information like
this and this.  More on this one later.