Just a quick one regarding today's hacking of Twitter accounts.
The links given by the tweets from the compromised accounts seem to take this route (there may of course be others):
- http://qwecvgfjk.info/ (188.8.131.52)
- http://www.onlyfreeoffersonline.com/redir.aspx?CID=27453&AFID=39261&DID=119273 (184.108.40.206)
- http://www.cleancoloncleanse.com/ (220.127.116.11)
Which makes me think of “affiliate” spam. With the aid of hacking.
Well, the company behind it will of course use the affiliate excuse. But who really believes them?
Footer text on cleancoloncleanse.com: “Copyright Teloxys Technologies Ltd.”
The support page on cleancoloncleanse.com goes to herbaltechsupport.com (18.104.22.168).
Support phone number: 800-536-9026.
Orders are taken at cleancoloncleanse.safewebstore.com (22.214.171.124)
Apparently tied to acai berry spam too.
Googling e.g. the phone number, cleanseprox or Teloxys Technologies gives you food enough if you want to dig further.
One of the results is Facebook spam, after hacking accounts.
This hit is one example; Teloxys Technologies goes over dead bodies to earn money:
N.S. girl angry as dead mom’s Facebook account hacked