Tuesday, May 10, 2011

Keeping Money Mule Recruiters on a Short Leash - Part Seven

Continuing what has turned into a tradition, the "Keeping Money Mule Recruiters on a Short Leash" series, in this post we'll review currently active money mule recruitment sites and provide vital OSINT data on what is currently acting as the cornerstone of the monetization process that cybercriminals rely on: risk forwarding through money mule recruitment for the processing of fraudulently obtained funds.

Description used on the majority of templates:
"Looking to buy art? Sell art? Alternative Art Ltd is the first choice for artists and buyers alike! Alternative Art Ltd is an effective tool for the artist and emerging artist to market and promote their art in a professional and inexpensive manner. We will market your art to the international community of art buyers. Whether you are looking to buy or sell original art, Alternative Art Ltd is the premier art site for those seeking to buy or sell original art online.

NO COMMISSIONS! Whether you are looking to buy art or sell art, our site is fully optimized to get results FAST! Alternative Art Ltd is the future of buying and selling original art online. Artists who choose to sell their original art will receive maximum marketing exposure. For artists, selling your art has never been easier, faster, or more cost-effective. We will help you sell your original art DIRECTLY to buyers worldwide with NO COMMISSIONS. Those wishing to buy art online are invited to browse our extensive online galleries of original art. Never before has it been this easy for a buyer to select high-quality original art online. We update daily with new original art from our artist members.

Alternative Art Ltd offers casual collectors and serious connoisseurs alike an amazing collection of original art pieces from the world over. You'll enjoy unparalleled customer care from a knowledgeable and friendly staff of experts. For artists, the inconvenience and high costs of traditional galleries are completely eliminated. Our team of experts puts the latest technology to work for you, putting your original art in front of millions of potential art buyers!"

Money mule recruitment domains:

Name servers of notice:

Currently active and responding money mule recruitment domains, residing within AS42708, PORTLANE Network; AS29713, INTERPLEXINC Interplex LLC.; AS24940, HETZNER-AS Hetzner Online AG RZ:

Psychological evaluation tests found within AS29713, basically every domain name has its associated binary:

Monitoring of money mule recruitment campaigns is ongoing.

Related posts:
Keeping Money Mule Recruiters on a Short Leash - Part Six
Keeping Money Mule Recruiters on a Short Leash - Part Five
The DNS Infrastructure of the Money Mule Recruitment Ecosystem
Keeping Money Mule Recruiters on a Short Leash - Part Four
Money Mule Recruitment Campaign Serving Client-Side Exploits
Keeping Money Mule Recruiters on a Short Leash - Part Three
Money Mule Recruiters on Yahoo!'s Web Hosting
Dissecting an Ongoing Money Mule Recruitment Campaign
Keeping Money Mule Recruiters on a Short Leash - Part Two
Keeping Reshipping Mule Recruiters on a Short Leash
Keeping Money Mule Recruiters on a Short Leash
Standardizing the Money Mule Recruitment Process
Inside a Money Laundering Group's Spamming Operations
Money Mule Recruiters use ASProx's Fast Fluxing Services
Money Mules Syndicate Actively Recruiting Since 2002

This post has been reproduced from Dancho Danchev's blog.