Saturday, February 12, 2011

AnonLeaks On The Move

Yesterday, I pointed out that had been deployed on IP address During the night, was moved to In addition, was deployed on
In addition, has been set up within criminal hoster Webalta's IP space:
Anonops has several familiar dedicated DDOS domains at
Hijacked brands on include Facebook, HSBC Finance, Nintendo, and Star Wars. In addition, the IP is cluttered with web spam junk domains.

According to, there have been 29 separate instances of malware on during the past 12 months (including, and the host domain objects remain in play (they include various subdomains for,, and
MalwareURL reports that Zeus and other keyloggers are currently active on the IP. is the bad hosting firm involved, and we will be taking a close look at their other operations.

James McQuaid

Friday, February 11, 2011

AnonLeaks Continues Relationship With Criminals

The sociopaths at Anonymous are once again aligning themselves with cyber criminals.  You may recall that they hooked up with Heihachi some time ago.  Now they are launching AnonLeaks as a replacement for wikileaks.  While AnonLeaks is being promoted through social media, and a free sites such as blogger, they have also launched a subdomain at malware domain

Google Safe Browsing paints a pretty ugly picture:
"Malicious software includes 1 scripting exploit(s), 1 trojan(s), 1 exploit(s). Successful infection resulted in an average of 1 new process(es) on the target machine."

Threat Expert, Norton, and McAfee also warn of malware at the site: is nestled in with numerous scam, fraud and malware sites at

    * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
If you don't want to reload your computer as well as, deal with the nightmare that is identity theft, stay away from the various AnonLeaks sites.

We will be adding to the RBN IP List with the next update.

Amazon may be interested to learn that they are hosting a site being utilized by Anonymous:

AnonLeaks. posted Dec 14, 2010 03:57:55 by anonleaks123. Pure Awesomeness. page 1. Back to Topics. Login below to reply: get your own embeddable forum with a United States Amazon IAD prefix AS14618 Amazon-AES-IAD

One of the characteristics that the members of Anonymous have in common with their Russian and Ukrainian cybercriminal benefactors is that they evidently never received a moral education. Another is that they are felons who have earned hard prison time.

James McQuaid
11 February 2011