Author Archives: Thomas

Trends in Networks: Spam #13

Another week goes by with seemingly no actions taken to prevent this abuse. Do we put the onus on the person who abuses the tool, the person who provides the use of the tool, or the person who created the … Continue reading


Trends in Networks: Spam #12

Back from a break and picking up where we left off. It’s a shame the spammers have not taken a break… still the same pattern of activity occurring on the Digital Ocean network. We’re only looking at .xyz and Freenom … Continue reading


When and Why Internet Providers Should Block Port 25 Outbound

The Internet has swiftly become part of people's lives ever since it was introduced to the general population. Nowadays, without it, people feel like a significant part of them is missing. What we are unaware of is how … Continue reading


Trends in Networks: Spam #11

Here are the past week’s Freenom TLD and .xyz domains detected spamming on the Digital Ocean network. Oct22 104.131.60.188 x3 xnx0.517.vexxo.ml 104.248.2.30 x6 xnx0.527.vexxo.ml 128.199.152.3 x1 xnx0.509.vexxo.ml 128.199.23.11 x2 xnx0.513.vexxo.ml 128.199.23.23 x27 xnx0.516.vexxo.ml 128.199.26.255 x2 xnx0.511.vexxo.ml 134.122.59.13 x8 xnx0.508.vexxo.ml 134.209.44.46 … Continue reading


Trends in Networks: Spam #10

Here are this week’s spammy Freenom and .xyz TLDs coming from the Digital Ocean network. Oct16 134.122.41.131 x1 girlssoft.gq 134.122.45.114 x1 chocolatesoft.tk 134.122.45.115 x1 chocolatesoft.ml 134.122.45.119 x2 softaustralia.ga 134.122.45.120 x1 softaustin.ga 134.122.45.121 x2 softaustralia.tk 134.122.45.123 x2 softaustralia.gq 134.122.45.50 x2 softaustralia.ml … Continue reading


The Many Faces of Emotet

You’ve probably heard the recent news of Microsoft’s attempt to take down the Trickbot botnet. An interesting correlation with this event (though perhaps not directly related) is the sudden uptick of Emotet email spam shortly after the Microsoft news hit. … Continue reading


Trends in Networks: Spam #9

Outside of the typical throwaway domain spam, we have been seeing a tremendous volume of marketing email coming from the Digital Ocean network. But first, here are this week’s Freenom and .xyz TLDs detected spamming on the Digital Ocean network. … Continue reading


Trends in Networks: Spam #8

Another week, and sadly nothing has changed. Spoke too soon last week, nothing has been done about Digital Ocean IPs spamming with Freenom TLDs in the PTR record. Oct1 164.90.146.134 x1 rdns0.okisat.xyz 165.227.161.178 x7 bizcloud-send0.servar.xyz 165.227.164.181 x1 vcu0.minixo.gq 206.189.210.58 x1 … Continue reading


Trends in Networks: Spam #7

This week we saw a significant drop in the use of Freenom TLDs coming from Digital Ocean. Wonder if the spammers just took a break from using them, but if this was the result of Digital Ocean’s efforts then good … Continue reading


Trends in Networks: Spam #6

Picking up where we left off, more spam coming from the Digital Ocean network with Freenom and .xyz TLDs in the PTR/reverse DNS record. Sep12 157.245.94.185 x1 mail.opoczanie.xyz 161.35.230.193 x1 server.healthdocs.xyz 164.90.228.251 x1 srv0.mails27.gq 164.90.233.88 x3 srv0.mails27.cf 165.22.74.145 x3 srv0.mails28.tk … Continue reading
