home.social

#bulletproofhosting — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #bulletproofhosting, aggregated by home.social.

  1. The lack of proper vetting of UK corporations' officers details has long been exploited by miscreants (and criticized by investigators).

    Thanks to recently strengthened regulation, find-and-update.company-inform proudly notes Davletshin's identity has been verified successfully. What remains to be sorted is the ability of bulletproof hosting operators to successfully establish shell corporations in the UK at all. 🧐

    #OSINT #BulletproofHosting #Cybercrime #UK

  2. The lack of proper vetting of UK corporations' officers details has long been exploited by miscreants (and criticized by investigators).

    Thanks to recently strengthened regulation, find-and-update.company-inform proudly notes Davletshin's identity has been verified successfully. What remains to be sorted is the ability of bulletproof hosting operators to successfully establish shell corporations in the UK at all. 🧐

    #OSINT #BulletproofHosting #Cybercrime #UK

  3. The lack of proper vetting of UK corporations' officers details has long been exploited by miscreants (and criticized by investigators).

    Thanks to recently strengthened regulation, find-and-update.company-inform proudly notes Davletshin's identity has been verified successfully. What remains to be sorted is the ability of bulletproof hosting operators to successfully establish shell corporations in the UK at all. 🧐

    #OSINT #BulletproofHosting #Cybercrime #UK

  4. The lack of proper vetting of UK corporations' officers details has long been exploited by miscreants (and criticized by investigators).

    Thanks to recently strengthened regulation, find-and-update.company-inform proudly notes Davletshin's identity has been verified successfully. What remains to be sorted is the ability of bulletproof hosting operators to successfully establish shell corporations in the UK at all. 🧐

    #OSINT #BulletproofHosting #Cybercrime #UK

  5. The lack of proper vetting of UK corporations' officers details has long been exploited by miscreants (and criticized by investigators).

    Thanks to recently strengthened regulation, find-and-update.company-inform proudly notes Davletshin's identity has been verified successfully. What remains to be sorted is the ability of bulletproof hosting operators to successfully establish shell corporations in the UK at all. 🧐

    #OSINT #BulletproofHosting #Cybercrime #UK

  6. BIG TECH IS EVIL

    Afgelopen woensdag (8 april 12:53) ontving ik weer eens een bunq phishingmail met daarin de volgende link:

    https:⧸⧸bunq.x24hr.com/nD5Wpy

    Die "doorstuursite" (en dat is vast niet de enige) stuurde toen door naar de volgende phishingsite:

    https:⧸⧸bunq-web.duckdns.org

    Die site antwoordt nu niet meer. Zojuist bleek de eerdergenoemde "doorstuursite" mijn browser nu door te sturen naar:

    https:⧸⧸bunq-portaal.duckdns.org (screenshot linksboven)

    Ook de Duitse hoster SYNLINQ is medeplichtig aan cybercrime.

    @DigitaleOverheid : blocklists werken niet, je blijft achter de feiten aanlopen.

    Druk op een plaatje om te vergroten.

    #BigTechIsEvil #InfoSec #CyberCrime #BulletProofHosting #SYNLINQ #bunqPhishing #bunq #SantanderPhishing #Santander #Odido #OdidoDataLek

  7. BIG TECH IS EVIL

    Afgelopen woensdag (8 april 12:53) ontving ik weer eens een bunq phishingmail met daarin de volgende link:

    https:⧸⧸bunq.x24hr.com/nD5Wpy

    Die "doorstuursite" (en dat is vast niet de enige) stuurde toen door naar de volgende phishingsite:

    https:⧸⧸bunq-web.duckdns.org

    Die site antwoordt nu niet meer. Zojuist bleek de eerdergenoemde "doorstuursite" mijn browser nu door te sturen naar:

    https:⧸⧸bunq-portaal.duckdns.org (screenshot linksboven)

    Ook de Duitse hoster SYNLINQ is medeplichtig aan cybercrime.

    @DigitaleOverheid : blocklists werken niet, je blijft achter de feiten aanlopen.

    Druk op een plaatje om te vergroten.

    #BigTechIsEvil #InfoSec #CyberCrime #BulletProofHosting #SYNLINQ #bunqPhishing #bunq #SantanderPhishing #Santander #Odido #OdidoDataLek

  8. BIG TECH IS EVIL

    Afgelopen woensdag (8 april 12:53) ontving ik weer eens een bunq phishingmail met daarin de volgende link:

    https:⧸⧸bunq.x24hr.com/nD5Wpy

    Die "doorstuursite" (en dat is vast niet de enige) stuurde toen door naar de volgende phishingsite:

    https:⧸⧸bunq-web.duckdns.org

    Die site antwoordt nu niet meer. Zojuist bleek de eerdergenoemde "doorstuursite" mijn browser nu door te sturen naar:

    https:⧸⧸bunq-portaal.duckdns.org (screenshot linksboven)

    Ook de Duitse hoster SYNLINQ is medeplichtig aan cybercrime.

    @DigitaleOverheid : blocklists werken niet, je blijft achter de feiten aanlopen.

    Druk op een plaatje om te vergroten.

    #BigTechIsEvil #InfoSec #CyberCrime #BulletProofHosting #SYNLINQ #bunqPhishing #bunq #SantanderPhishing #Santander #Odido #OdidoDataLek

  9. BIG TECH IS EVIL

    Afgelopen woensdag (8 april 12:53) ontving ik weer eens een bunq phishingmail met daarin de volgende link:

    https:⧸⧸bunq.x24hr.com/nD5Wpy

    Die "doorstuursite" (en dat is vast niet de enige) stuurde toen door naar de volgende phishingsite:

    https:⧸⧸bunq-web.duckdns.org

    Die site antwoordt nu niet meer. Zojuist bleek de eerdergenoemde "doorstuursite" mijn browser nu door te sturen naar:

    https:⧸⧸bunq-portaal.duckdns.org (screenshot linksboven)

    Ook de Duitse hoster SYNLINQ is medeplichtig aan cybercrime.

    @DigitaleOverheid : blocklists werken niet, je blijft achter de feiten aanlopen.

    Druk op een plaatje om te vergroten.

    #BigTechIsEvil #InfoSec #CyberCrime #BulletProofHosting #SYNLINQ #bunqPhishing #bunq #SantanderPhishing #Santander #Odido #OdidoDataLek

  10. These are IP netblocks that shouldn’t be trusted ❌

    If you’re not automatically ingesting DROP and/or ASN-DROP, now’s the time to fix that:
    👉 spamhaus.org/blocklists/do-not

    Be proactive. Block the worst of the worst IP traffic.

    #ThreatIntel #SOC #ThreatHunting #BGP #NetworkSecurity #BulletproofHosting #Infosec

  11. These are IP netblocks that shouldn’t be trusted ❌

    If you’re not automatically ingesting DROP and/or ASN-DROP, now’s the time to fix that:
    👉 spamhaus.org/blocklists/do-not

    Be proactive. Block the worst of the worst IP traffic.

    #ThreatIntel #SOC #ThreatHunting #BGP #NetworkSecurity #BulletproofHosting #Infosec

  12. These are IP netblocks that shouldn’t be trusted ❌

    If you’re not automatically ingesting DROP and/or ASN-DROP, now’s the time to fix that:
    👉 spamhaus.org/blocklists/do-not

    Be proactive. Block the worst of the worst IP traffic.

    #ThreatIntel #SOC #ThreatHunting #BGP #NetworkSecurity #BulletproofHosting #Infosec

  13. These are IP netblocks that shouldn’t be trusted ❌

    If you’re not automatically ingesting DROP and/or ASN-DROP, now’s the time to fix that:
    👉 spamhaus.org/blocklists/do-not

    Be proactive. Block the worst of the worst IP traffic.

    #ThreatIntel #SOC #ThreatHunting #BGP #NetworkSecurity #BulletproofHosting #Infosec

  14. These are IP netblocks that shouldn’t be trusted ❌

    If you’re not automatically ingesting DROP and/or ASN-DROP, now’s the time to fix that:
    👉 spamhaus.org/blocklists/do-not

    Be proactive. Block the worst of the worst IP traffic.

    #ThreatIntel #SOC #ThreatHunting #BGP #NetworkSecurity #BulletproofHosting #Infosec

  15. Its current uplink is a familiar name, seen in conjunction with bulletproof hosting and IP hijacking before: 🇩🇪 Pfcloud UG (AS51396) - You always meet twice in life, indeed.

    Corporate register data suggest the legitimate owners of 160.65.0.0/16 and 143.222.0.0/16 seem still active. We ask them to investigate, and secure their networks.

    #Cybercrime #OSINT #BulletproofHosting

  16. Its current uplink is a familiar name, seen in conjunction with bulletproof hosting and IP hijacking before: 🇩🇪 Pfcloud UG (AS51396) - You always meet twice in life, indeed.

    Corporate register data suggest the legitimate owners of 160.65.0.0/16 and 143.222.0.0/16 seem still active. We ask them to investigate, and secure their networks.

    #Cybercrime #OSINT #BulletproofHosting

  17. Its current uplink is a familiar name, seen in conjunction with bulletproof hosting and IP hijacking before: 🇩🇪 Pfcloud UG (AS51396) - You always meet twice in life, indeed.

    Corporate register data suggest the legitimate owners of 160.65.0.0/16 and 143.222.0.0/16 seem still active. We ask them to investigate, and secure their networks.

    #Cybercrime #OSINT #BulletproofHosting

  18. Its current uplink is a familiar name, seen in conjunction with bulletproof hosting and IP hijacking before: 🇩🇪 Pfcloud UG (AS51396) - You always meet twice in life, indeed.

    Corporate register data suggest the legitimate owners of 160.65.0.0/16 and 143.222.0.0/16 seem still active. We ask them to investigate, and secure their networks.

    #Cybercrime #OSINT #BulletproofHosting

  19. Its current uplink is a familiar name, seen in conjunction with bulletproof hosting and IP hijacking before: 🇩🇪 Pfcloud UG (AS51396) - You always meet twice in life, indeed.

    Corporate register data suggest the legitimate owners of 160.65.0.0/16 and 143.222.0.0/16 seem still active. We ask them to investigate, and secure their networks.

    #Cybercrime #OSINT #BulletproofHosting

  20. a russian hosting service that takes payment in crypto, Aeza Group, was just hit with #OFAC sanctions.

    they've sent funds to a bunch of the shadiest crypto exchanges - #Cryptomus, #MEXC, #Binance, and (of course) #HTX, the crypto exchange run by the business partner of the president of the united states.

    also looks like they took payment in #Tether, the #stablecoin whose money is managed by america's secretary of commerce howard lutnick.

    * OFAC press release: ofac.treasury.gov/recent-actio
    * Wallet: intel.arkm.com/explorer/addres

    #JustinSun #threatintel #threatassessment #DNS #bulletproofhosting #cybersecurity #infosec #justinSun #howardlutnick #ransomware #russia #putin #vladimirPutin #ukraine #aeza #aezagroup

  21. 🥰 Show your network some love: Get Spamhaus’ free DROP lists to block known malicious IP ranges before they reach your network - access the lists here 👉 spamhaus.org/blocklists/do-not

    #ThreatIntel #NetworkSecurity #BulletproofHosting

  22. 🎯 New Year’s resolution: Get Spamhaus’ free DROP lists to block known malicious IP ranges before they ever reach your network.

    Start the year protected - access the list here 👇
    spamhaus.org/blocklists/do-not

    #DROP #IPs #ThreatIntel #NetworkHygiene #BulletproofHosting

  23. Kosten, naar verluidt: € 1,17. Resultaat: de bankrekening achter uw creditcard maximaal in het rood.

    Geen dank aan Let's Encrypt voor het certificaat.

    En de hele IP-reeks is crimineel (158.94.208.0 - 158.94.211.255, servers waarschijnlijk in Nederland). De nep KPN-inlog website aldaar gehost is ook nog steeds live (screenshots in todon.nl/@ErikvanStraten/11546).

    #Phishing #CyberCrime #BulletProofHosting #LANEDONET #LetsEncryptIsEvil

  24. This week, everywhere you look, bulletproof hosting (BPH) is in cyber news headlines. From the CrazyRDP takedown, to sanctions against entities adjacent to Aeza, and most recently Media Land LLC and ML[.]Cloud] LLC (do these measures actually move the needle?), to new CISA guidance on mitigating BPH activities.🛡️

    It’s clear the spotlight is firmly on one of cybercrime’s most persistent enablers. And for a good reason. Few infrastructures have enabled so much criminal activity, for so long, with such resilience.

    Spamhaus has tracked BPH operators and their evolving tactics for decades. 🕵️ We've watched the ecosystem shift from monolithic BPHs to layered and complex business structures.

    So, amid the sensational headlines, we’ve compiled a grounded look at the topic, covering: the history, the current landscape, and where the threat landscape is likely to head next.

    Read it in full here 👉 spamhaus.org/resource-hub/bull

    #Bulletproofhosting #Cybercrime

  25. On November 12, around 250 physical servers were seized by the Dutch police at two datacenters in the Netherlands 👉 politie.nl/nieuws/2025/novembe

    We assess the unnamed #bulletproofhosting provider (BPH) is CrazyRDP, a major #cybercrime hub previously operating front companies such as 🇺🇸 Delis LLC (AS211252), 🇺🇸 Limenet LLC (AS394711) and, most recently, 🇺🇸 Sovy Cloud Services (AS401110) and its downstreams (all incorporated in 🇺🇸 as well): ... ⤵️ 1/2

  26. Like all other internet abuse, bulletproof hosting does not just happen - it is enabled by facilitators such as network carriers, datacenter operators, IP brokers and domain registrars. Sometimes, malicious infrastructure agglomerates in the internet vicinity of such facilitators - why not join the show if your criminal competitors thrive there already?🧐

    A particularly prolific example is 🇩🇪aurologic GmbH (regular readers might recognize the name), as highlighted by Recorded Future in a report published on November 6 ⤵️
    recordedfuture.com/research/ma

    #Cybercrime #BulletproofHosting #ThreatIntel #HostingProviders

  27. This is traffic you DO NOT want to connect with. ✋

    🔥 Get FREE access to this additional layer of protection here ⬇️ ⬇️
    spamhaus.org/blocklists/do-not

    #DROP #IPs #BulletproofHosting #ThreatIntel

  28. DROP is free to use, giving you an extra layer of protection against the worst IP space on the internet.

    Access it here ⬇️ ⬇️
    spamhaus.org/blocklists/do-not

    #DROP #IPs #BulletproofHosting #ThreatIntel

  29. (🇺🇸 49.3 Networking LLC), a bulletproof hosting provider we've previously reported on. The sole network it propagates follows a similar hosting pattern than those currently announced by AS213441. Both ASNs share the same uplink, corroborating the suspicion that they might be part of the same cybercriminal operation.

    Finished your meal? Have some mint DROPs to take away the phish 👉 spamhaus.org/blocklists/do-not and protect your network. Enjoy!

    #BulletproofHosting #Phishing #Cybercrime #OSINT

    3/3

  30. 🔥 Spamhaus provides FREE access to anyone who wants to add this layer of protection.

    Get it here ➡️ spamhaus.org/blocklists/do-not

    Remember, this is traffic you do not want to connect with. Not ever. DROP it now.

    #DROP #IPs #BulletproofHosting #ThreatIntel

  31. German police seize “bulletproof” hosting data center in former NATO  bunker - Enlarge / Sven Olaf Kamphuis's Facebook profile picture, taken in front of the original CyberBunker... more: arstechnica.com/?p=1577045 #bullet-proofhosting #bulletproofhosting #wallstreetmarket #darkwebmarkets #cyberbunker #spamhaus #biz&it #policy

  32. Good news (at first glance): Silent Connection Ltd and Dolphin 1337 Limited, two UK-based corporations flagged by Spamhaus as being used for bulletproof hosting, were compulsory dissolved on January 28th and January 14th, respectively. 🙌

    Unfortunately, their networks (AS215240 and AS215208) remain active...

    Silent Connection quickly secured fresh IP blocks on January 26th through ZeXoTeK IT-Services (whose website, zexotek.de, oddly redirects to Google 🤔). Similarly, Dolphin 1337 Limited acquired new IP space on February 4th.

    Even after both companies' were dissolved, these IPs are still operational - effectively making them digital no man’s land.

    Luckily, Spamhaus DROP users are protected by the following listings:

    ⬇️ DROP 176.65.134.0/24 -> check.spamhaus.org/results?que

    ⬇️ DROP 176.65.139.0/24 -> check.spamhaus.org/results?que

    ⬇️ DROP 176.65.140.0/23 -> check.spamhaus.org/results?que

    ⬇️ DROP 176.65.142.0/24 -> check.spamhaus.org/results?que

    ⬇️ DROP 176.65.144.0/24 -> check.spamhaus.org/results?que

    ⬇️ DROP 176.65.143.0/24 -> check.spamhaus.org/results?que

    This incident highlights why robust customer vetting is a necessity. Silent Connection's imminent dissolution was already visible on the UK company register as of November 5th - a clear red flag. 🚩

    Spamhaus recommends always vetting new customers, and checking their commercial registry data before providing services. 🕵

    Find a link to the DROP Lists in the comments 👇

    #KYC #AbusePrevention #BulletproofHosting #DROP

  33. Breaking the law: How 8chan (or “8kun”) got (briefly) back online - Enlarge / Snek goes dark. (credit: Getty Images)
    The successor to 8chan, 8kun, made a somewhat br... more: arstechnica.com/?p=1597257 #bulletproofhosting #bgphijacking #cloudflare #vanwanet #biz&it #8chan #bogon #8kun #bgp