Permanent Links


What should be the topic for the next Impossibly Stupid poll?

A Town Square Poll Space

Tech Corner

See Also

[ICO]NameLast modifiedSizeDescription

[PARENTDIR]Parent Directory  -  
[TXT]README.html2014-11-29 12:14 3.3K 
[   ]info.json2014-12-09 01:41 40  
[   ]tags=logged2015-03-26 18:30 0  
[   ]tags=meta2015-03-26 18:30 0  

Spam Outings, Round 10

You didn't really think it'd stop, did you? We start off with another series of educational institutions:

Brisbane Boys' College
Kensington Tce
Toowong QLD 4066

spammed us on Monday, 1 February 2010 - 7:25pm, 7:39pm, 7:50pm, 8:02pm, 8:03pm and 8:12pm via IP

Prince of Songkla University
Computer Center
Korhong, Hatyai, Songkhla, 90110

spammed us on Monday, 1 February 2010 - 5:28pm; Thursday, 4 February 2010 - 10:08am via IP

Polish Academy of Science
Institute of Bioorganic Chemistry
Poznan Supercomputing and Networking Center
ul. Noskowskiego 12/14
61-704 Poznan

spammed us on Friday, 5 February 2010 - 2:58pm via IP

That's right, the botnets even have access to a supercomputing center, and yet they haven't figured out anything better to do with it than spam dumb blogs like mine.

Next up with have an otherwise generic IP block owner:

Cox Communications
1400 Lake Hearn Dr
Atlanta, GA 30319

spammed us on Monday, 1 February 2010 - 5:26pm, 7:25pm, 7:30pm, 7:31pm, 7:39pm and 8:03pm; Thursday, 4 February 2010 - 2:35am; Friday, 5 February 2010 - 6:05pm, 8:00pm, and 8:05pm via IP

What is notable about that IP is that it resolves to The Production Advantage, Inc. appears to be a direct marketing company, so if you've ever done business with them, it's a good bet that your data has been compromised. They even helpfully list their clients, so if you've ever given your personal information to any of those organizations, you might want to contact them regarding your pending identity theft.

Another generic IP block owner:

1 SAVVIS Parkway
Town and Country, MO 63017

spammed us on Thursday, 4 February 2010 - 11:20am via IP

That IP resolves to I will helpfully point out that belongs to American Greetings. As though it weren't bad enough for your "friends" to give up your identity for a stupid eCard, welcome to their insecure system that gives it up to people that are probably even worse.

And it's always the most fun when someone selling security is insecure:

10101 N. De Anza Blvd,
Cupertino, CA 95014

spammed us on Monday, 1 February 2010 - 8:08pm via IP

and in an odd twist, they also came in a half hour earlier from half way around the world, doing a scouting mission on Monday, 1 February 2010 - 7:33pm via IP

The slogan on their site is "Securing Your Web World". Since they can't secure their own, I have my doubts. Their traffic pattern is so strange, though, it makes me think that they themselves might be abusing network resources instead of being part of someone else's botnet.