Friday, September 11, 2009

RBN Attacking White House Anti-Drug Web Sites

In another example of the RBN revealing the true measure of their malice, White House Anti-Drug Sites have been attacked over the past week.

Malware Domain List reported on September 5th that, the website of Office of National Drug Control Policy had been compromised. In that instance, the site was directing visitors to a trojan: directs to trojan 2009/09/05. features White House Drug Policy initiatives, programs, and resources as well as, testimony and press releases. The site outlines National Drug Control Strategy goals and objectives.

Today, I found that, which is a data receptor for the notorious Clampi banking Trojan (Trojan.Clampi) had an A record pointing to This is the same IP address reserved for use by, the "Parents: The Anti-Drug" site created by Fleishman-Hillard (a leader in international marketing and communications).

AS2914 NTTC-GIN-AS NTT Communications Global IP Network
DNS Records
base record name ip reverse route as a
United States a
United States a
United States a
United States

Alexei Vasiliev, a familiar RBN criminal involved in the propagation of the Clampi banking Trojan, used his email address ( to register one of the known Clampi domains.