#bulletproofhosting — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #bulletproofhosting, aggregated by home.social.
-
The lack of proper vetting of UK corporations' officers details has long been exploited by miscreants (and criticized by investigators).
Thanks to recently strengthened regulation, https://find-and-update.company-information.service.gov.uk/company/17022120/officers proudly notes Davletshin's identity has been verified successfully. What remains to be sorted is the ability of bulletproof hosting operators to successfully establish shell corporations in the UK at all. 🧐
-
The lack of proper vetting of UK corporations' officers details has long been exploited by miscreants (and criticized by investigators).
Thanks to recently strengthened regulation, https://find-and-update.company-information.service.gov.uk/company/17022120/officers proudly notes Davletshin's identity has been verified successfully. What remains to be sorted is the ability of bulletproof hosting operators to successfully establish shell corporations in the UK at all. 🧐
-
The lack of proper vetting of UK corporations' officers details has long been exploited by miscreants (and criticized by investigators).
Thanks to recently strengthened regulation, https://find-and-update.company-information.service.gov.uk/company/17022120/officers proudly notes Davletshin's identity has been verified successfully. What remains to be sorted is the ability of bulletproof hosting operators to successfully establish shell corporations in the UK at all. 🧐
-
The lack of proper vetting of UK corporations' officers details has long been exploited by miscreants (and criticized by investigators).
Thanks to recently strengthened regulation, https://find-and-update.company-information.service.gov.uk/company/17022120/officers proudly notes Davletshin's identity has been verified successfully. What remains to be sorted is the ability of bulletproof hosting operators to successfully establish shell corporations in the UK at all. 🧐
-
The lack of proper vetting of UK corporations' officers details has long been exploited by miscreants (and criticized by investigators).
Thanks to recently strengthened regulation, https://find-and-update.company-information.service.gov.uk/company/17022120/officers proudly notes Davletshin's identity has been verified successfully. What remains to be sorted is the ability of bulletproof hosting operators to successfully establish shell corporations in the UK at all. 🧐
-
BIG TECH IS EVIL
Afgelopen woensdag (8 april 12:53) ontving ik weer eens een bunq phishingmail met daarin de volgende link:
https:⧸⧸bunq.x24hr.com/nD5Wpy
Die "doorstuursite" (en dat is vast niet de enige) stuurde toen door naar de volgende phishingsite:
https:⧸⧸bunq-web.duckdns.org
Die site antwoordt nu niet meer. Zojuist bleek de eerdergenoemde "doorstuursite" mijn browser nu door te sturen naar:
https:⧸⧸bunq-portaal.duckdns.org (screenshot linksboven)
Ook de Duitse hoster SYNLINQ is medeplichtig aan cybercrime.
@DigitaleOverheid : blocklists werken niet, je blijft achter de feiten aanlopen.
Druk op een plaatje om te vergroten.
#BigTechIsEvil #InfoSec #CyberCrime #BulletProofHosting #SYNLINQ #bunqPhishing #bunq #SantanderPhishing #Santander #Odido #OdidoDataLek
-
BIG TECH IS EVIL
Afgelopen woensdag (8 april 12:53) ontving ik weer eens een bunq phishingmail met daarin de volgende link:
https:⧸⧸bunq.x24hr.com/nD5Wpy
Die "doorstuursite" (en dat is vast niet de enige) stuurde toen door naar de volgende phishingsite:
https:⧸⧸bunq-web.duckdns.org
Die site antwoordt nu niet meer. Zojuist bleek de eerdergenoemde "doorstuursite" mijn browser nu door te sturen naar:
https:⧸⧸bunq-portaal.duckdns.org (screenshot linksboven)
Ook de Duitse hoster SYNLINQ is medeplichtig aan cybercrime.
@DigitaleOverheid : blocklists werken niet, je blijft achter de feiten aanlopen.
Druk op een plaatje om te vergroten.
#BigTechIsEvil #InfoSec #CyberCrime #BulletProofHosting #SYNLINQ #bunqPhishing #bunq #SantanderPhishing #Santander #Odido #OdidoDataLek
-
BIG TECH IS EVIL
Afgelopen woensdag (8 april 12:53) ontving ik weer eens een bunq phishingmail met daarin de volgende link:
https:⧸⧸bunq.x24hr.com/nD5Wpy
Die "doorstuursite" (en dat is vast niet de enige) stuurde toen door naar de volgende phishingsite:
https:⧸⧸bunq-web.duckdns.org
Die site antwoordt nu niet meer. Zojuist bleek de eerdergenoemde "doorstuursite" mijn browser nu door te sturen naar:
https:⧸⧸bunq-portaal.duckdns.org (screenshot linksboven)
Ook de Duitse hoster SYNLINQ is medeplichtig aan cybercrime.
@DigitaleOverheid : blocklists werken niet, je blijft achter de feiten aanlopen.
Druk op een plaatje om te vergroten.
#BigTechIsEvil #InfoSec #CyberCrime #BulletProofHosting #SYNLINQ #bunqPhishing #bunq #SantanderPhishing #Santander #Odido #OdidoDataLek
-
BIG TECH IS EVIL
Afgelopen woensdag (8 april 12:53) ontving ik weer eens een bunq phishingmail met daarin de volgende link:
https:⧸⧸bunq.x24hr.com/nD5Wpy
Die "doorstuursite" (en dat is vast niet de enige) stuurde toen door naar de volgende phishingsite:
https:⧸⧸bunq-web.duckdns.org
Die site antwoordt nu niet meer. Zojuist bleek de eerdergenoemde "doorstuursite" mijn browser nu door te sturen naar:
https:⧸⧸bunq-portaal.duckdns.org (screenshot linksboven)
Ook de Duitse hoster SYNLINQ is medeplichtig aan cybercrime.
@DigitaleOverheid : blocklists werken niet, je blijft achter de feiten aanlopen.
Druk op een plaatje om te vergroten.
#BigTechIsEvil #InfoSec #CyberCrime #BulletProofHosting #SYNLINQ #bunqPhishing #bunq #SantanderPhishing #Santander #Odido #OdidoDataLek
-
These are IP netblocks that shouldn’t be trusted ❌
If you’re not automatically ingesting DROP and/or ASN-DROP, now’s the time to fix that:
👉 https://www.spamhaus.org/blocklists/do-not-route-or-peer/Be proactive. Block the worst of the worst IP traffic.
#ThreatIntel #SOC #ThreatHunting #BGP #NetworkSecurity #BulletproofHosting #Infosec
-
These are IP netblocks that shouldn’t be trusted ❌
If you’re not automatically ingesting DROP and/or ASN-DROP, now’s the time to fix that:
👉 https://www.spamhaus.org/blocklists/do-not-route-or-peer/Be proactive. Block the worst of the worst IP traffic.
#ThreatIntel #SOC #ThreatHunting #BGP #NetworkSecurity #BulletproofHosting #Infosec
-
These are IP netblocks that shouldn’t be trusted ❌
If you’re not automatically ingesting DROP and/or ASN-DROP, now’s the time to fix that:
👉 https://www.spamhaus.org/blocklists/do-not-route-or-peer/Be proactive. Block the worst of the worst IP traffic.
#ThreatIntel #SOC #ThreatHunting #BGP #NetworkSecurity #BulletproofHosting #Infosec
-
These are IP netblocks that shouldn’t be trusted ❌
If you’re not automatically ingesting DROP and/or ASN-DROP, now’s the time to fix that:
👉 https://www.spamhaus.org/blocklists/do-not-route-or-peer/Be proactive. Block the worst of the worst IP traffic.
#ThreatIntel #SOC #ThreatHunting #BGP #NetworkSecurity #BulletproofHosting #Infosec
-
These are IP netblocks that shouldn’t be trusted ❌
If you’re not automatically ingesting DROP and/or ASN-DROP, now’s the time to fix that:
👉 https://www.spamhaus.org/blocklists/do-not-route-or-peer/Be proactive. Block the worst of the worst IP traffic.
#ThreatIntel #SOC #ThreatHunting #BGP #NetworkSecurity #BulletproofHosting #Infosec
-
Its current uplink is a familiar name, seen in conjunction with bulletproof hosting and IP hijacking before: 🇩🇪 Pfcloud UG (AS51396) - You always meet twice in life, indeed.
Corporate register data suggest the legitimate owners of 160.65.0.0/16 and 143.222.0.0/16 seem still active. We ask them to investigate, and secure their networks.
-
Its current uplink is a familiar name, seen in conjunction with bulletproof hosting and IP hijacking before: 🇩🇪 Pfcloud UG (AS51396) - You always meet twice in life, indeed.
Corporate register data suggest the legitimate owners of 160.65.0.0/16 and 143.222.0.0/16 seem still active. We ask them to investigate, and secure their networks.
-
Its current uplink is a familiar name, seen in conjunction with bulletproof hosting and IP hijacking before: 🇩🇪 Pfcloud UG (AS51396) - You always meet twice in life, indeed.
Corporate register data suggest the legitimate owners of 160.65.0.0/16 and 143.222.0.0/16 seem still active. We ask them to investigate, and secure their networks.
-
Its current uplink is a familiar name, seen in conjunction with bulletproof hosting and IP hijacking before: 🇩🇪 Pfcloud UG (AS51396) - You always meet twice in life, indeed.
Corporate register data suggest the legitimate owners of 160.65.0.0/16 and 143.222.0.0/16 seem still active. We ask them to investigate, and secure their networks.
-
Its current uplink is a familiar name, seen in conjunction with bulletproof hosting and IP hijacking before: 🇩🇪 Pfcloud UG (AS51396) - You always meet twice in life, indeed.
Corporate register data suggest the legitimate owners of 160.65.0.0/16 and 143.222.0.0/16 seem still active. We ask them to investigate, and secure their networks.
-
Hey #PoPo , word eens #FSCKING wakker!
BTW "mezohost․cc" (samen met subdomains "plesk." en 'backup.") verstopt zich achter Cloudflare met certificaten van "Google Trust Services": https://www.virustotal.com/gui/domain/mezohost.cc
(Edit) Sinds 1 juni dit jaar: https://crt.sh/?Identity=mezohost.cc
#BulletProofHosting #MezoHostCC #RailNetLLC #CyberCrime #CyberCriminaliteit #OVHisEvil #BigTechIsEvil #Politie #GoogleIsEvil #CloudflareIsEvil
-
Hey #PoPo , word eens #FSCKING wakker!
BTW "mezohost․cc" (samen met subdomains "plesk." en 'backup.") verstopt zich achter Cloudflare met certificaten van "Google Trust Services": https://www.virustotal.com/gui/domain/mezohost.cc
(Edit) Sinds 1 juni dit jaar: https://crt.sh/?Identity=mezohost.cc
#BulletProofHosting #MezoHostCC #RailNetLLC #CyberCrime #CyberCriminaliteit #OVHisEvil #BigTechIsEvil #Politie #GoogleIsEvil #CloudflareIsEvil
-
a russian hosting service that takes payment in crypto, Aeza Group, was just hit with #OFAC sanctions.
they've sent funds to a bunch of the shadiest crypto exchanges - #Cryptomus, #MEXC, #Binance, and (of course) #HTX, the crypto exchange run by the business partner of the president of the united states.
also looks like they took payment in #Tether, the #stablecoin whose money is managed by america's secretary of commerce howard lutnick.
* OFAC press release: https://ofac.treasury.gov/recent-actions/20250701
* Wallet: https://intel.arkm.com/explorer/address/TU4tDFRvcKhAZ1jdihojmBWZqvJhQCnJ4F#JustinSun #threatintel #threatassessment #DNS #bulletproofhosting #cybersecurity #infosec #justinSun #howardlutnick #ransomware #russia #putin #vladimirPutin #ukraine #aeza #aezagroup
-
🥰 Show your network some love: Get Spamhaus’ free DROP lists to block known malicious IP ranges before they reach your network - access the lists here 👉 https://www.spamhaus.org/blocklists/do-not-route-or-peer/
-
🎯 New Year’s resolution: Get Spamhaus’ free DROP lists to block known malicious IP ranges before they ever reach your network.
Start the year protected - access the list here 👇
https://www.spamhaus.org/blocklists/do-not-route-or-peer/ -
🔥 Want an easy, free way to block this traffic? Grab the DROP list here: ⬇️ ⬇️
https://www.spamhaus.org/blocklists/do-not-route-or-peer/ -
Kosten, naar verluidt: € 1,17. Resultaat: de bankrekening achter uw creditcard maximaal in het rood.
Geen dank aan Let's Encrypt voor het certificaat.
En de hele IP-reeks is crimineel (158.94.208.0 - 158.94.211.255, servers waarschijnlijk in Nederland). De nep KPN-inlog website aldaar gehost is ook nog steeds live (screenshots in https://todon.nl/@ErikvanStraten/115462433239010045).
#Phishing #CyberCrime #BulletProofHosting #LANEDONET #LetsEncryptIsEvil
-
This week, everywhere you look, bulletproof hosting (BPH) is in cyber news headlines. From the CrazyRDP takedown, to sanctions against entities adjacent to Aeza, and most recently Media Land LLC and ML[.]Cloud] LLC (do these measures actually move the needle?), to new CISA guidance on mitigating BPH activities.🛡️
It’s clear the spotlight is firmly on one of cybercrime’s most persistent enablers. And for a good reason. Few infrastructures have enabled so much criminal activity, for so long, with such resilience.Spamhaus has tracked BPH operators and their evolving tactics for decades. 🕵️ We've watched the ecosystem shift from monolithic BPHs to layered and complex business structures.
So, amid the sensational headlines, we’ve compiled a grounded look at the topic, covering: the history, the current landscape, and where the threat landscape is likely to head next.
Read it in full here 👉 https://www.spamhaus.org/resource-hub/bulletproof-hosting/the-anatomy-of-bulletproof-hosting-past-present-future-/ -
US and Allies Sanction Russian Bulletproof Hosting Service Providers https://www.securityweek.com/us-and-allies-sanction-russian-bulletproof-hosting-service-providers/ #bulletproofhosting #Cybercrime #sanctions #Russia
-
📬 Operation Endgame trifft die Infrastruktur im Kern
#Rechtssachen #Szene #BulletproofHosting #CrazyRDP #Durchsuchungen #Infrastruktur #MalwareTeams #Politie #razzia https://sc.tarnkappe.info/824e26 -
On November 12, around 250 physical servers were seized by the Dutch police at two datacenters in the Netherlands 👉 https://www.politie.nl/nieuws/2025/november/14/02---duizenden-servers-in-beslaggenomen-in-omvangrijk-cybercrime-onderzoek.html
We assess the unnamed #bulletproofhosting provider (BPH) is CrazyRDP, a major #cybercrime hub previously operating front companies such as 🇺🇸 Delis LLC (AS211252), 🇺🇸 Limenet LLC (AS394711) and, most recently, 🇺🇸 Sovy Cloud Services (AS401110) and its downstreams (all incorporated in 🇺🇸 as well): ... ⤵️ 1/2
-
Like all other internet abuse, bulletproof hosting does not just happen - it is enabled by facilitators such as network carriers, datacenter operators, IP brokers and domain registrars. Sometimes, malicious infrastructure agglomerates in the internet vicinity of such facilitators - why not join the show if your criminal competitors thrive there already?🧐
A particularly prolific example is 🇩🇪aurologic GmbH (regular readers might recognize the name), as highlighted by Recorded Future in a report published on November 6 ⤵️
https://www.recordedfuture.com/research/malicious-infrastructure-finds-stability-with-aurologic-gmbh#Cybercrime #BulletproofHosting #ThreatIntel #HostingProviders
-
This is traffic you DO NOT want to connect with. ✋
🔥 Get FREE access to this additional layer of protection here ⬇️ ⬇️
https://www.spamhaus.org/blocklists/do-not-route-or-peer/ -
DROP is free to use, giving you an extra layer of protection against the worst IP space on the internet.
Access it here ⬇️ ⬇️
https://www.spamhaus.org/blocklists/do-not-route-or-peer/ -
(🇺🇸 49.3 Networking LLC), a bulletproof hosting provider we've previously reported on. The sole network it propagates follows a similar hosting pattern than those currently announced by AS213441. Both ASNs share the same uplink, corroborating the suspicion that they might be part of the same cybercriminal operation.
Finished your meal? Have some mint DROPs to take away the phish 👉 https://www.spamhaus.org/blocklists/do-not-route-or-peer/ and protect your network. Enjoy!
#BulletproofHosting #Phishing #Cybercrime #OSINT
3/3
-
Bulletproof host Stark Industries evades EU sanctions
https://krebsonsecurity.com/2025/09/bulletproof-host-stark-industries-evades-eu-sanctions/
#HackerNews #BulletproofHosting #StarkIndustries #EUSanctions #CyberSecurity #DigitalPrivacy
-
https://www.spamhaus.org/blocklists/do-not-route-or-peer/
Remember, this is traffic you do not want to connect with.
-
Behind the Curtain: How Lumma Affiliates Operate
#Lumma #GhostSocks #AnonRDP #BulletproofHosting #HostCay #OnlineSIM #SMS_Activate #Zadarma
https://www.recordedfuture.com/research/behind-the-curtain-how-lumma-affiliates-operate -
🔥 Spamhaus provides FREE access to anyone who wants to add this layer of protection.
Get it here ➡️ https://www.spamhaus.org/blocklists/do-not-route-or-peer/
Remember, this is traffic you do not want to connect with. Not ever. DROP it now.
-
U.S. Sanctions Russia’s Aeza Group for aiding crooks with bulletproof hosting – Source: securityaffairs.com https://ciso2ciso.com/u-s-sanctions-russias-aeza-group-for-aiding-crooks-with-bulletproof-hosting-source-securityaffairs-com/ #rssfeedpostgeneratorecho #informationsecuritynews #ITInformationSecurity #bulletproofhosting #SecurityAffairscom #CyberSecurityNews #PierluigiPaganini #SecurityAffairs #SecurityAffairs #BreakingNews #SecurityNews #hackingnews #CyberCrime #Cybercrime #hacking
-
Get it here ➡️ https://www.spamhaus.org/blocklists/do-not-route-or-peer/
Remember, this is traffic you do not want to connect with. Not ever. DROP it and move on.
-
📬 CODA gegen die Szene: Der globale Krieg gegen Anime-Piraterie
#Rechtssachen #Szene #BilibiliTV #BulletProofHosting #ComplianceRaten #DMCALöschanfragen #MP4Upload #Streamtape https://sc.tarnkappe.info/3c9909 -
Get it here ➡️ https://www.spamhaus.org/blocklists/do-not-route-or-peer/
Remember, this is traffic you do not want to connect with. Not ever. DROP it and move on.
-
❗Latest Spamhaus DROP Listings, from the worst of the worst IP traffic:
SBL678470 ➡️ https://check.spamhaus.org/results?query=SBL678470
SBL678435 ➡️ https://check.spamhaus.org/results?query=SBL678435
SBL678397 ➡️ https://check.spamhaus.org/results?query=SBL678397
SBL678390 ➡️ https://check.spamhaus.org/results?query=SBL678390
SBL678365 ➡️ https://check.spamhaus.org/results?query=SBL678365
SBL678358 ➡️ https://check.spamhaus.org/results?query=SBL678358
SBL678357 ➡️ https://check.spamhaus.org/results?query=SBL678357
SBL678356 ➡️ https://check.spamhaus.org/results?query=SBL678356
SBL678355 ➡️ https://check.spamhaus.org/results?query=SBL678355
SBL678259 ➡️ https://check.spamhaus.org/results?query=SBL678259
SBL678229 ➡️ https://check.spamhaus.org/results?query=SBL678229⛔️ This is traffic you DO NOT want to connect with.
Did you know you can use Spamhaus' DROP lists for free? Gain protection from the worst of the worst IP traffic now - access the DROP and ASN-DROP lists here 👇
https://www.spamhaus.org/blocklists/do-not-route-or-peer/ -
Many Malware Campaigns Linked to Proton66 Network – Source: www.securityweek.com https://ciso2ciso.com/many-malware-campaigns-linked-to-proton66-network-source-www-securityweek-com/ #rssfeedpostgeneratorecho #bulletproofhosting #CyberSecurityNews #Malware&Threats #securityweekcom #securityweek #Proton66 #Malware #ASN
-
Many Malware Campaigns Linked to Proton66 Network https://www.securityweek.com/many-malware-campaigns-linked-to-proton66-network/ #bulletproofhosting #Malware&Threats #Proton66 #malware #ASN
-
Many Malware Campaigns Linked to Proton66 Network https://www.securityweek.com/many-malware-campaigns-linked-to-proton66-network/ #bulletproofhosting #Malware&Threats #Proton66 #malware #ASN
-
German police seize “bulletproof” hosting data center in former NATO bunker - Enlarge / Sven Olaf Kamphuis's Facebook profile picture, taken in front of the original CyberBunker... more: https://arstechnica.com/?p=1577045 #bullet-proofhosting #bulletproofhosting #wallstreetmarket #darkwebmarkets #cyberbunker #spamhaus #biz&it #policy
-
Good news (at first glance): Silent Connection Ltd and Dolphin 1337 Limited, two UK-based corporations flagged by Spamhaus as being used for bulletproof hosting, were compulsory dissolved on January 28th and January 14th, respectively. 🙌
Unfortunately, their networks (AS215240 and AS215208) remain active...
Silent Connection quickly secured fresh IP blocks on January 26th through ZeXoTeK IT-Services (whose website, zexotek.de, oddly redirects to Google 🤔). Similarly, Dolphin 1337 Limited acquired new IP space on February 4th.
Even after both companies' were dissolved, these IPs are still operational - effectively making them digital no man’s land.
Luckily, Spamhaus DROP users are protected by the following listings:
⬇️ DROP 176.65.134.0/24 -> https://check.spamhaus.org/results?query=SBL673819
⬇️ DROP 176.65.139.0/24 -> https://check.spamhaus.org/results?query=SBL673820
⬇️ DROP 176.65.140.0/23 -> https://check.spamhaus.org/results?query=SBL673821
⬇️ DROP 176.65.142.0/24 -> https://check.spamhaus.org/results?query=SBL673822
⬇️ DROP 176.65.144.0/24 -> https://check.spamhaus.org/results?query=SBL673823
⬇️ DROP 176.65.143.0/24 -> https://check.spamhaus.org/results?query=SBL673922
This incident highlights why robust customer vetting is a necessity. Silent Connection's imminent dissolution was already visible on the UK company register as of November 5th - a clear red flag. 🚩
Spamhaus recommends always vetting new customers, and checking their commercial registry data before providing services. 🕵
Find a link to the DROP Lists in the comments 👇
-
Breaking the law: How 8chan (or “8kun”) got (briefly) back online - Enlarge / Snek goes dark. (credit: Getty Images)
The successor to 8chan, 8kun, made a somewhat br... more: https://arstechnica.com/?p=1597257 #bulletproofhosting #bgphijacking #cloudflare #vanwanet #biz&it #8chan #bogon #8kun #bgp