Trends in Networks: Spam #11

Here are the past week’s Freenom TLD and .xyz domains detecting spamming on the Digital Ocean network.

Oct22	x3	x6	x1	x2	x27	x2	x8	x2	x1	x2	x1	x7	x3	x8	x4	x8	x6	x1	x1	x1	x9	x2	x2	x1	x1	x4	x1	x2	x4	x35	x4	x2	x7	x1	x2

Oct23	x3	x1	x4	x4	x1	x6	x1	x1

Oct24	x3	x2	x1	x1	x1	x4	x1	x1	x1

Oct25	x5	x1

Oct26	x13	x2	x2	x7	x3	x1	x1	x1

Oct27	x26

Oct28	x2	x2	x1	x1	x3

Oct29	x2	x3	x2	x1	x1	x2	x1	x20	x1	x12	x4	x1	x1	x2

Oct30	x9	x3	x1	x1

The snowshoe marketing from ‘old’ domains is still going strong. They’re reusing domains on new IPs to make the most of them. The reverse DNS records are being updated, but since the same domains are spamming on different IPs, it doesn’t appear Digital Ocean is putting in the effort to stop them. It could just be a ‘fly by night’ attack, as Digital Ocean may provide the ability to update the PTR/reverse DNS record to the customer. We’re detecting tens of thousands a day, just imagine how much it is sending to the rest of the world…

Oct26	x26	x32	x2	x4	x10	x40	x23	x29	x27	x26	x9	x7	x9	x8	x9	x1	x37	x37	x1	x24	x9	x24	x23	x27	x33	x27	x29	x40	x23	x31	x5	x6	x5	x9

Oct 27	x84	x113	x79	x90	x90	x14	x11	x10	x3	x18	x7	x61	x95	x7	x7	x11	x7	x15	x84	x122	x121	x118	x94	x15	x17	x16	x84	x88	x10	x72	x110	x59	x12	x63

Oct28	x19	x3	x28	x27	x26	x22	x36	x3	x25	x22	x3	x2	x3	x19	x5	x28	x25	x18	x5	x2	x3	x5	x2	x23	x1	x37	x45	x26	x21	x24	x23	x24	x5	x42	x26	x29	x26	x25	x61	x37	x25	x46	x53	x54	x25	x23	x18	x19	x29	x3	x37	x23	x6	x20	x4	x29	x2	x3	x41	x26	x22	x24	x50	x23	x5	x25	x26	x22	x4	x53	x23	x51

Oct29	x4	x8	x5	x25	x57	x33	x38	x29	x1	x52	x4	x3	x5	x7	x49	x1	x41	x6	x1	x3	x7	x25	x4	x26	x4	x2	x3	x49	x31	x8	x41	x4	x6	x34	x42	x30	x32	x3	x2	x2	x47	x7	x6	x46	x1	x7	x4	x4	x4	x4	x38	x3	x26	x33	x36	x53	x30	x33	x36	x47	x2	x7	x33	x42	x43	x31	x8	x45

Oct30	x5	x4	x42	x45	x45	x27	x19	x46	x50	x4	x5	x6	x2	x4	x2	x48	x44	x19	x31	x7	x49	x48	x53	x29	x4	x5	x1	x2	x50	x19	x43	x42	x1	x42	x18	x6	x35	x44	x20	x46	x51	x37	x2	x38	x43	x39	x8	x26	x16	x7	x1	x2	x2	x44	x53	x45	x24	x8	x53	x27	x14	x26	x28	x2	x17	x26	x5	x18

This entry was posted in Informative and tagged , , , , , , , , , . Bookmark the permalink.

Leave a Reply