Profiling the xDedic Cybercrime Service Enterprise – Source: securityboulevard.com

Source: securityboulevard.com – Author: Dancho Danchev

The popular cybercrime-friendly xDedic service was recently shut down. In this analysis we'll take an in-depth look inside the Internet-connected infrastructure of the xDedic cybercrime-friendly enterprise and offer practical and relevant technical insights, making it easier for fellow researchers, vendors, and law enforcement to keep track of its current, historical, and upcoming online activities.

Sample domains:

hxxp://xdedic.biz

hxxp://xdedic.ac

hxxp://xdedic.tk

Known responding IPs:

Personally identifiable information:

Email: [email protected], [email protected]

Jabber Supports: [email protected], [email protected]

ICQ 591-20-47

Related personally identifiable information:

[email protected]

Name Server: NS1.E-INVESTHOST.COM

Name Server: NS10.E-INVESTHOST.COM

Name Server: NS2.E-INVESTHOST.COM

Name Server: NS20.E-INVESTHOST.COM

Name Server: NS21.E-INVESTHOST.COM

Name Server: NS3.E-INVESTHOST.COM

Name Server: NS4.E-INVESTHOST.COM

Name Server: NS5.E-INVESTHOST.COM

Name Server: NS6.E-INVESTHOST.COM

Name Server: NS7.E-INVESTHOST.COM

Name Server: NS8.E-INVESTHOST.COM

Name Server: NS9.E-INVESTHOST.COM

Current related domain registrations:

infox.sg

getmobiledevices.com

trustpharms.com

start55555.com

elevrus24.com

Known responding IPs:

Historic related domain registrations:

Known responding IPs:

Related domain registrations:

Known responding IPs:

*** This is a Security Bloggers Network syndicated blog from Dancho Danchev’s Blog authored by Dancho Danchev. Read the original post at: https://ddanchev.blogspot.com/2024/02/profiling-xdedic-cybercrime-service.html

Original Post URL: https://securityboulevard.com/2024/02/profiling-the-xdedic-cybercrime-service-enterprise/

Category & Tags: Security Bloggers Network – Security Bloggers Network
