Bogus Adult Content SPIM-ed Over ICQ


A currently SPIM-ed campaign over ICQ attempts to trick the end user into becoming a member of a bogus adult content offering network, which drives sales through spamming.

The links chain:
- ow.ly/3V9eu
    - art-spectrum.info/load2/7674/foto.jar - 178.170.250.12 (AS52000, ALDAN-3-AS LTD "ALDAN-3)
        - video-girl.tv/default.aspx - 81.177.3.250 - Email: support@video-people.com  (AS8342, RTCOMM-AS OJSC RTComm.RU) with two active SpyEye C&Cs within the AS - googlemaps4.com (81.176.236.177) and reg.kygalu.ru - 81.177.32.45 - Email: kygalu.ru@r01-service.ru

- Responding to 178.170.250.12 are also geoinvest.org (178.170.250.12) Email: geoinvest@sum.co.ru and power-man.ru (178.170.250.12) Email: antonvp@yandex.ru

- Responding to 81.177.3.250 are:
vchat.kladoffka.com - Email: sanny_dbroker@mail.ru
virtualniyseks.in - Email: sereg@hot.ee
odetih.net - Email: reg@legato.name
pornoton.net
russiansgirls.net

videodevki.ru - Email: prezidentbush@yandex.ru
video-girl.ru - Email: admin@video-girl.ru
strip-girl.ru - Email: kinoman-cd@yandex.ru
webcam-girls.ru - Email: srg_surgut@pisem.net
videoshowgirls.ru - Email: gbgcnbr@i.ua
sexy-chat.ru - Email: roman.alexsandr@mail.ru
flirtshow.ru - Email: rusproject99@yandex.ru
chatsexy.ru - Email: roman.alexsandr@mail.ru
rusprivate.su - Email: sadko-as@rambler.ru
video-girl.tv - Email: support@video-people.com
x-chat.tv - Email: x-chat@mail.ru

This post has been reproduced from Dancho Danchev's blog.