Hey James,
That's the worst part in all this, so many been with me for years!? I just
On Sun, Sep 21, 2008 at 12:46:54PM -0700, Emil Kacperski wrote: put my fate into companies I shouldn't have. Emil: Yes, they have been with you for years -- it's quite unfortunate, such great customers. Take those customers who steal identity from the public -- did you get a cut, or just the hosting fees? Next, move to those who host trojans, rogue antivirus, bill people for fake software (and keep billing them), etc. Oh, and the ad-ware, despite being a lower security risk, it was some of the most hated stuff out there. I'd say you have put your fate into companies you shouldn't have -- not just your fate but your business. This is the logical result (actually, this is just the start). I'm surprised it took so long. You can't wash away years of malicious activity by simply claiming innocence and disconnecting some of your worst offenders. Male parta male dilabuntur. For the NANOG folks who apparently don't understand what is going on and are so easily socially engineered by these claims of innocence -- do a little research: http://www.google.com/search?hl=en&q=intercage+malware http://www.google.com/search?hl=en&q=atrivo+malware ======================================================== Here's some research for you: Complaints on Intercage/Atrivo from 2003: Re: The in-your-face hijacking example http://www.irbs.net/internet/nanog/0305/0038.html ========================================================
From 2006: More super rogue anti-spyware http://updates.zdnet.com/tags/intercage.com.html
Be on the lookout for another new supposed anti-spyware program that might be hijacking desktops any day now. This one is called PestTrap and it.s a clone of SpySheriff. SpySheriff was one of the top 10 rogue anti-spyware apps of 2005, coming in at number 2. PestTrap site is hosted at IP address 69.50.167.173 which belongs to an ISP in California, InterCage, Inc., formerly know n as Atrivo. Note the nameservers are mail.atrrivo.com and pavel.atrivo.com . OrgName: InterCage, Inc. OrgID: INTER-359 Address: 1955 Monument Blvd. Address: #236 City: Concord StateProv: CA PostalCode: 94520 Country: US Not surprisingly, SpySheriff.com (link to whois) is hosted at InterCage, and we have SpyTrooper.com on the same IP address, 69.50.170.82. The other domain on the IP is Spy-Sheriff.com. This IP is also currently blacklisted. InterCage, Inc. INTERCAGE-NETWORK-GROUP (NET-69-50-160-0-1) 69.50.160.0 - 69.50.191.255 William Lu STANDARDSHELLS (NET-69-50-170-0-1) 69.50.170.0 - 69.50.170.255 The Intercage.com (link to site) home page is white and blank except for "." in the upper left corner. Now, that seems odd to me. An ISP with a blank homepage? Google searches for Intercage.com and Intercage, Inc. bring up all kinds of interesting links. A Google search for Atrivo produces even more fascinating information like this and this. More on this one later.