Keeping Money Mule Recruiters on a Short Leash

Monday, November 16, 2009

Keeping Money Mule Recruiters on a Short Leash

The money mule recruitment syndicate exposed in a previous post (Standardizing the Money Mule Recruitment Process), continues introducing new domains and re-branding the de-facto recruitment templates for a huge percentage of the currently active money mule recruitment scams.

Ironically, both the syndicate and its competition in the face of boutique money mule recruitment operations aiming to self-service the cybercriminal -- he doesn't want to share stolen revenue with a third-party service provider -- behind them, are using the copywriting and online brand management services courtesy of a single vendor.

It's time to expose the complete domains portfolio of one of their biggest customers, including both domains introduced since the middle of the summer, 2009, as well as the most recent ones, with all of them using/having used the services of AS:38356.

Parked at 222.35.137.234; 222.35.137.235; 222.35.137.236; 222.35.137.237; 222.35.137.238 as of Monday, November 18 are the following money mule recruitment domains:
affina-groupsvc .cc - Email: justin_dickerson@ymail.com
altgroupco .cn - Email: abuseemaildhcp@gmail.com
alt-groupco .net - Email: MarcusStraker909@gmail.com
annuity-groupnet .cc - Email: justin_dickerson@ymail.com
archway-groupinc .cn - Email: abuseemaildhcp@gmail.com
armor-groupco .cc - Email: defrankpo@gmail.com
ava-group .cc - Email: Gregory.Michell2009@yahoo.com
ava-group .cn - Email: Gregory.Michell2009@yahoo.com
ava-groupsvc .cc - Email: Gregory.Michell2009@yahoo.com
avagroupsvc .cn - Email: Gregory.Michell2009@yahoo.com
bfs-groupinc .cc - Email: defrankpo@gmail.com
braingroupmain .cn - Email: abuseemaildhcp@gmail.com
brain-groupsvc .cn - Email: abuseemaildhcp@gmail.com
ccn-groupco .cn - Email: Gregory.Michell2009@yahoo.com
cdi-groupmain .cn - Email: garry_honn@yahoo.com
cosco-groupmain .cn - Email: andrew_cc@yahoo.com
criscom-group .cc - Email: Gregory.Michell2009@yahoo.com
criscomgroupco .cn - Email: Gregory.Michell2009@yahoo.com
criscom-groupinc .cc - Email: Gregory.Michell2009@yahoo.com
cronos-group .net - Email: MarcusStraker909@gmail.com
cronos-groupinc .cn - Email: abuseemaildhcp@gmail.com
cronos-groupinc .com - Email: bias@co5.ru
cronosgroupsvc .cn - Email: abuseemaildhcp@gmail.com
dove-groupli .cn - Email: abuseemaildhcp@gmail.com
entrustgroup .cn - Email: moldavimo@safe-mail.net
extreme-groupinc .cn - Email: abuseemaildhcp@gmail.com
fairline-group .cn - Email: Gregory.Michell2009@yahoo.com
flatgroupfly .cc - Email: steven_lucas_2000@yahoo.com
full-controll .cc - Email: morgan.greg@yahoo.com

geniouspartner .cn - Email: morgan.greg@yahoo.com
holding-group .cn - Email: ronny.greg@yahoo.com
igt-groupco .cn - Email: abuseemaildhcp@gmail.com
igtgroupinc .cn - Email: abuseemaildhcp@gmail.com
igt-groupinc .com - Email: feet@freemailbox.ru
index-groupinc .cn - Email: abuseemaildhcp@gmail.com
index-groupinc .com - Email: taffy@blogbuddy.ru
indexgroupinc .net - Email: MarcusStraker909@gmail.com
index-groupmain .cn - Email: abuseemaildhcp@gmail.com
ing-groupsvc .cn - Email: admin@emerge-groupnet.cn
integrity-groupinc .cc - Email: justin_dickerson@ymail.com
invalda-groupli .cn - Email: rocco_invalda@yahoo.com
invalda-groupmain .cn - Email: rocco_invalda@yahoo.com
invalda-groupmain .com - Email: chum@cheapmail.ru
landgroupinc .cn - Email: abuseemaildhcp@gmail.com
landgroupinc .net - Email: MarcusStraker909@gmail.com
land-groupsvc .cn - Email: abuseemaildhcp@gmail.com
land-groupsvc .com - Email: bias@co5.ru
libertygroup .cc - Email: LindseyKimSI@gmail.com
lime-groupnet .cn - Email: abuseemaildhcp@gmail.com
lime-groupsvc .cn - Email: abuseemaildhcp@gmail.com
margin-groupco .cn - Email: Gregory.Michell2009@yahoo.com
margingroupinc .cn - Email: regory.Michell2009@yahoo.com
massivegroupsvc .cn - Email: abuseemaildhcp@gmail.com
mastergroupinc .cn - Email: abuseemaildhcp@gmail.com
master-groupinc .com - Email: taffy@blogbuddy.ru
master-groupsvc .cn - Email: taffy@blogbuddy.ru
mellis-group .cn - Email: abuseemaildhcp@gmail.com
mellis-groupmain .cn - Email: abuseemaildhcp@gmail.com

mena-groupsvc .cn - Email: abuseemaildhcp@gmail.com
nvidia-groupnet .cn - Email: Gregory.Michell2009@yahoo.com
nvidia-groupsvc .cn - Email: Gregory.Michell2009@yahoo.com
opm-groupli .com - Email: entrap@namebanana.net
phoenix-groupco .net - Email: MarcusStraker909@gmail.com
phoenix-groupmain .cn - Email: abuseemaildhcp@gmail.com
premier-groupinc .cn - Email: abuseemaildhcp@gmail.com
premier-groupinc .com - Email: gone@corporatemail.ru
premier-groupnet .cc - Email: justin_dickerson@ymail.com
prime-groupco .cn - Email: abuseemaildhcp@gmail.com
prime-groupinc .cn - Email: abuseemaildhcp@gmail.com
puritan-groupco .cc - Email: justin_dickerson@ymail.com
puritan-groupco .cn - Email: abuseemaildhcp@gmail.com
puritan-groupinc .cn - Email: abuseemaildhcp@gmail.com
puritan-groupinc .com - Email: gone@corporatemail.ru
realtek-groupnet .cn - Email: Gregory.Michell2009@yahoo.com
realtekgroupsvc .cn - Email: Gregory.Michell2009@yahoo.com
reddbutton .cn - Email: morgan.greg@yahoo.com
redeye-groupco .cn - Email: abuseemaildhcp@gmail.com
redeye-groupinc .cn - Email: abuseemaildhcp@gmail.com
regency-groupco .com - Email: gone@corporatemail.ru
regency-groupnet .cc - Email: justin_dickerson@ymail.com

regency-groupnet .cn - Email: abuseemaildhcp@gmail.com
safegroupsvc .cn - Email: Gregory.Michell2009@yahoo.com
saturn-groupsvc .cn - Email: darry_wisp@yahoo.com
scope-group .cn - Email: don.ram@yahoo.com
scope-groupmain .cc - Email: darry_wisp@yahoo.com
scope-groupmain .cn - Email: abuseemaildhcp@gmail.com
stargroupinc .cn - Email: abuseemaildhcp@gmail.com
star-groupinc .net - Email: MarcusStraker909@gmail.com
star-groupsvc .cn - Email: abuseemaildhcp@gmail.com
star-groupsvc .com - Email: taffy@blogbuddy.ru
summit-groupinc .cn - Email: Gregory.Michell2009@yahoo.com
theblackend .cn - Email: morgan.greg@yahoo.com
totallysmiled .cn - Email: morgan.greg@yahoo.com
vector-groupfine .cn - Email: justin_dickerson@ymail.com
vision-groupinc .cc - Email: vision-groupinc.cc
vision-groupsvc .com - Email: gone@corporatemail.ru
windcontrol .cc - Email: morgan.greg@yahoo.com

Nothing's isolated, everything's connected, and sadly orchestrated by a very distinct set of cybercrime enterprises, the market share leaders.

Related posts:
Standardizing the Money Mule Recruitment Process
Money Mule Recruiters use ASProx's Fast Fluxing Services
Money Mules Syndicate Actively Recruiting Since 2002
Inside a Money Laundering Group's Spamming Operations

This post has been reproduced from Dancho Danchev's blog.

Dancho Danchev

Independent Security Consultancy, Threat Intelligence Analysis (OSINT/Cyber Counter Intelligence) and Competitive Intelligence research on demand. Insightful, unbiased, and client-tailored assessments, neatly communicated in the form of interactive reports - because anticipating the emerging threatscape is what shapes the big picture at the end of the day. Approach me at dancho.danchev@hush.com

Dancho Danchev's Blog - Mind Streams of Information Security Knowledge

Monday, November 16, 2009

Keeping Money Mule Recruiters on a Short Leash

No comments:

Post a Comment