Friday, February 11, 2011

AnonLeaks Continues Relationship With Criminals

The sociopaths at Anonymous are once again aligning themselves with cyber criminals.  You may recall that they hooked up with Heihachi some time ago.  Now they are launching AnonLeaks as a replacement for wikileaks.  While AnonLeaks is being promoted through social media, and a free sites such as blogger, they have also launched a subdomain at malware domain pcriot.com.

Google Safe Browsing paints a pretty ugly picture:
"Malicious software includes 1 scripting exploit(s), 1 trojan(s), 1 exploit(s). Successful infection resulted in an average of 1 new process(es) on the target machine."
http://www.google.com/safebrowsing/diagnostic?site=pcriot.com

Threat Expert, Norton, and McAfee also warn of malware at the site:
http://www.threatexpert.com/report.aspx?md5=a7e1388c38c1fed12785bc335f95b15d
http://safeweb.norton.com/report/show?name=biohazarder.pcriot.com
http://www.siteadvisor.com/sites/pcriot.com

anonleaks.pcriot.com is nestled in with numerous scam, fraud and malware sites at 69.175.6.102:

    *.alma-radiantbarrier.x10.mx *.bigfang.exofire.net *.com.x10.mx *.com2fhttp3awww.menshealth.x10.mx *.conectplayer.x10.mx *.craybiez.pcriot.com *.dammy.exofire.net *.domains.menshealth.x10.mx *.dotnuxx.x10hosting.com *.ebay.menshealth.x10.mx *.ebaymotors.ebay.menshealth.x10.mx *.elementfx.com *.emu.pcriot.com *.exofire.net *.fogafoga.exofire.net *.freedownload.x10.mx *.in.www.menshealth.x10.mx *.menshealth.x10.mx *.monroefunds.elementfx.com *.moviesx.x10.mx *.new4m.x10.mx *.o-radiantbarrier.x10.mx *.pcriot.com *.porno-radiantbarrier.x10.mx *.proactolreview.x10.mx *.prodigy.x10.mx *.s102-darkwindow.exofire.net *.s102-radiantbarrier.x10.mx *.sars-gov.x10.mx *.standardbanksecuredpage.x10.mx *.uk.x10.bz *.www.menshealth.x10.mx *.x10.bz *.x10.mx *.x10hosting.com 6apart.menshealth.x10.mx 9lb-ar.x10.bz absolut.x10hosting.com accountnow.x10hosting.com accs-google.x10.bz accs-radiantbarrier.x10.mx activities.menshealth.x10.mx adiantbarrier.x10.mx alma-radiantbarrier.x10.mx am-red.menshealth.x10.mx americanflyertrains.x10.bz anonleaks.pcriot.com astoora.pcriot.com atenas.x10.bz avto-radiantbarrier.x10.mx aztecas.exofire.net b.s102-darkwindow.exofire.net b.s102-radiantbarrier.x10.mx background-netsite.x10.bz background-radiantbarrier.x10.mx beatfiltering.com2fhttp3awww.menshealth.x10.mx beautyskincare.pcriot.com best1services.x10hosting.com bigfang.exofire.net bizmarket.x10hosting.com blogging-radiantbarrier.x10.mx bos1-mail.domains.menshealth.x10.mx build-radiantbarrier.x10.mx bz2.menshealth.x10.mx c13-b2b-prod-fa-web-lb.menshealth.x10.mx cashopping.pcriot.com chat-radiantbarrier.x10.mx cheapstackingchairs.x10.bz chiziahu.x10.mx com.x10.mx com2fhttp3awww.menshealth.x10.mx conectplayer.x10.mx cosex-darkwindow.exofire.net craybiez.pcriot.com cucvip.net dogtrainingcenter.pcriot.com domains.menshealth.x10.mx ebay.menshealth.x10.mx ebaymotors.ebay.menshealth.x10.mx emu.pcriot.com facebook.emu.pcriot.com facebook.pcriot.com fogafoga.exofire.net folksfun.pcriot.com fuuhx.x10hosting.com gamesnaper.x10hosting.com guias2009.exofire.net iciici.x10hosting.com in.www.menshealth.x10.mx in2.x10hosting.com infinityicici1.x10.mx iyan.x10hosting.com leroi.elementfx.com lestim.x10hosting.com lotus.x10hosting.com malisnet.com menshealth.x10.mx monroefunds.elementfx.com morenathuso.com morenathuso.x10hosting.com mptiga.x10hosting.com mrrohana.x10hosting.com mx.x10hosting.com new.x10hosting.com new4m.x10.mx nikmob.x10.mx ns1.conectplayer.x10.mx ns10.x10hosting.com ns100000.x10hosting.com ns2.conectplayer.x10.mx ns3.conectplayer.x10.mx ns3.x10hosting.com o-radiantbarrier.x10.mx onetouchglucometer.exofire.net phonezone.exofire.net pills.x10.bz pnoykb.x10.mx porno-radiantbarrier.x10.mx quebec-community.com rijad2.x10.mx runex.pcriot.com s102-darkwindow.exofire.net s102-radiantbarrier.x10.mx sap.x10hosting.com sc2.pcriot.com serfx.dotnuxx.x10hosting.com sex.x10.mx sexypicsblog.x10.bz simanta.x10hosting.com stoned.x10hosting.com teacuppigs.x10hosting.com timehack.pcriot.com touchnew.elementfx.com trenager.pcriot.com unlimited.pcriot.com visualfields.pcriot.com watch4free.x10hosting.com www.elementfx.com www.fogafoga.exofire.net www.menshealth.x10.mx www.pcriot.com xartit.x10hosting.com zzsite.x10.mx
If you don't want to reload your computer as well as, deal with the nightmare that is identity theft, stay away from the various AnonLeaks sites.

We will be adding 69.175.6.102 to the RBN IP List with the next update.

Amazon may be interested to learn that they are hosting a site being utilized by Anonymous:

AnonLeaks. posted Dec 14, 2010 03:57:55 by anonleaks123. Pure Awesomeness. page 1. Back to Topics. Login below to reply: get your own embeddable forum with ...5950853.weebly.tal.ki/20101214/anonleaks-257449/
5950853.weebly.tal.ki a 184.72.247.12 United States
184.72.128.0/17 Amazon IAD prefix AS14618 Amazon-AES-IAD

One of the characteristics that the members of Anonymous have in common with their Russian and Ukrainian cybercriminal benefactors is that they evidently never received a moral education. Another is that they are felons who have earned hard prison time.

James McQuaid
11 February 2011

Posted by Research Trading at 9:22 AM
Labels: , , , ,