legal - Unresolved Namess Sale -

[buysellfast]

Sheriff. I pledged $200.00 to a member who makes a visit to the address and can confirm. (hell... i may increase that to find this guy) I want to see this ends and the culprits pay, as i dealt with the victim just two weeks ago for XX,XXX and they are very good ppl. this shouldn't happen to them. I think he messed with the wrong team.

 

[klklinc]

Looks like 171 Pine St, Sudbury are apartments as there are 4 phone listings for this address although none are for Patrick Norman.

 

[spidergoat]

I just realized something ... (but someone tell me if I am wrong)

all someone needs to hack our accounts here is to simply know our email address. if it is the same email address as on our whois information it would be trouble, or even worse can a scammer not easily get into one of our registrar accounts using the same email address we have to give for payment or a GD push? And doesn't GD want the email you use to sign in with to be the same as on the whois? Indeed, does the GD info we have to give not pretty much give someone an easy way into our GD account?

It just seems that there should be a better level of security on the forums and on the registrars, esp. in light of the increased scamming and no chance of help from GD or PP after the fact. Is it just me, or is there a really big problem here? If it is a matter of using other email addresses on forum and registrar sign ins, we should make that really clear for people.

One paper thin email address that is used for overall communication is not a good level of security.

 

[Yofie]

I just realized something ... (but someone tell me if I am wrong)

all someone needs to hack our accounts here is to simply know our email address. if it is the same email address as on our whois information it would be trouble, or even worse can a scammer not easily get into one of our registrar accounts using the same email address we have to give for payment or a GD push? And doesn't GD want the email you use to sign in with to be the same as on the whois? Indeed, does the GD info we have to give not pretty much give someone an easy way into our GD account?

It just seems that there should be a better level of security on the forums and on the registrars, esp. in light of the increased scamming and no chance of help from GD or PP after the fact. Is it just me, or is there a really big problem here? If it is a matter of using other email addresses on forum and registrar sign ins, we should make that really clear for people.

One paper thin email address that is used for overall communication is not a good level of security.

There is more involved then just an email address... Many have User Name, Password and so on.

Just do not use a Free Email service and that will help Greatly!

 

[buysellfast]

spidergoat --> its off topic.

You email addy here, and your domains email addy, have a different set of passwords.
if its the same, then the hack here, and there would be compromised, if its compromised here. this is not what happened here (9mm case). i think it was a keylogger or bruteforce type. anyways this is off topic, lets dig on on this thread.

get it?

 

[Stian]

There is more involved then just an email address... Many have User Name, Password and so on.

Just do not use a Free Email service and that will help Greatly!

Don't use webmail or an e-mail account which is accessible via webmail.

 

[spidergoat]

sorry, didn't meant to get off on a tangent. And I did realize that just because someone knows your email address, it is pretty impossible with a pop email setup to have the "change your password" sent to the scammer. But the webmail tip is the important one here.

 

[Gerry]

Wow, 10 days, 627 comments, 17,637 views.

This thread is seeing more action than most web sites.

Hotter than a global warming thread.

 

[Kamloops]

Not sure where to post this -

I recieved a PM over at the other Forum and it wants you to go to a site, DOT NOT GO THERE

Do not go to hxxp://www.istnight.com.

I believe it will install a keylogger on your machine! I somehow got into the root of the site and was able to look at all the files, I downloaded a couple of TXT files named MK-keylog.txt and REG-160-keylog.txt. The contents of those files are information logged which looks like conversations with Tech Support at Register.com
They may have installed a keylogger there?

This is really bad, I am not sure if I have it installed on my machine but as soon as I went to that site I knew something was not right as it just says wait 10 seconds, I stopped it right away and then somehow got into the root, so I snooped around there.

This must be how the domains are been stolen! If anyone wants the TXT files let me know.

And if you have an idea on how I can check to see if I have a keylogger intstalled please PM me.

I see the member is Banned now.

This is the PM from a Member -

Atech
Banned
Trader Rating: (0)
Join Date: Mar 2008

domains about
your domains with 450$ for me
okay ?
my list hxxp://www.istnight.com look at , 16k$ ..

 

[Gerry]

make that 629

 

[bro]

Kamloops, Remove the live link.

 

[Kamloops]

I am trying, cant figure out how maybe a mod can

 

[sashas]

off topic question: how do you know you have a keylogger installed on your computer? And how do you remove it?

 

[Kamloops]

off topic question: how do you know you have a keylogger installed on your computer? And how do you remove it?

That is what I am trying to figure out.

And Mods why cant I edit my post above , no edit button?>?

 

[Stian]

off topic question: how do you know you have a keylogger installed on your computer? And how do you remove it?

Scan your entire computer frequently with anti-spyware applications like Lavasoft's Ad-Aware and SpyBot . Make sure you update the applications/definition files each and every time before you run a scan.

 

[theinvestor]

off topic question: how do you know you have a keylogger installed on your computer? And how do you remove it?

This is a tricky question because some keyloggers are very obvious. They may load something on start up and other keyloggers involve passwords and are actually HIDDEN files on your computer. The reason they have these is mostly for ADULTS snooping on their kids behaviour online.

Hope that helps,

Sam

 

[PRED]

That is what I am trying to figure out.

And Mods why cant I edit my post above , no edit button?>?

you can't edit in legal threads. it's been disabled

 

[Kamloops]

Here is some of the stuff from one of the files I grabbed - can anyone translate?
These files are big, lot of info. I was going to post them but not a good idea.

yanii
alsin da sakliyordum
ama lvl düþük olun ca artik iþimize yaramayacak diye dün gece satmiþtim
uuok
sen lvl kaçsin
ok
sana malzeme bulursam ayiririm
ok
uumkasmami istermisin seni
veya bu hell cerberus nedir
h.g seba
seni kirdiðim için çok özürdilerim
mbeklermisin beni meydan da
m750000
hayir yaa
bendede var para
ben de var yaaa
500000
ok
depo doluu
girtlaða kadar büyük enerji ilee
100000

If one of the mods want these two files I grabbed I can send them. I am not going to post them as there is some private info in them I am sure of that. May JP can take him he is a good detective!

 

[liberator]

off topic question: how do you know you have a keylogger installed on your computer? And how do you remove it?

Best thing to do when you think you've been trojaned or keylogged is to disconnect your internet source.

Then from another computer download and or update the antivirus system your using. Adaware, and other spyware detectors, will not remove keyloggers unless they are very obvious.

In most cases a good programmer can avoid even antivirus checkers. These antivirus checkers rely on reports of virus signatures etc. If this individual custom coded a virus it won't be detected until he infects someone with the knowledge on how to detect and take it apart. Then reported. Unless he uses techniques that are easily recognized.

My suggestion is to install a good firewall and keep an eye for unrecognized programs trying to connect to unrecognized sources.

Cheers,

Jay

http://ruphus.com/identify/

Says it Turkish Language

 

[Kamloops]

Here is some more -

[Aktif Pencere]>>>Register.com Customer Service Manager (K-Meleon)

[Aktif Pencere]>>>Support Console (Retail Support (Janus))
[Ctrl]a[Delete]
[Aktif Pencere]>>>Register.com Customer Service Manager (K-Meleon)
[TAB]
[Aktif Pencere]>>>Support Console (Retail Support (Janus))
[Ctrl]cv[Ctrl][Ctrl]c regarding the domain name "[Ctrl]v".

We understand that you wish to cancel the renewal of the domain name and you do not have access to the Registrant contact email address
[Aktif Pencere]>>>Register.com Customer Service Manager (K-Meleon)
[Ctrl]c[TAB]
[Aktif Pencere]>>>Support Console (Retail Support (Janus))
iv[Ctrl]".

Please note that we require a verificaiton from the registrant contact email address in order to cancel the renewal of the domain name.

If you do not have access to the Registrant contact email address i[Ctrl]vi, then you would need to change the email address associated with the domain name.[Ctrl]cc
[Aktif Pencere]>>>Agent LogSheet - Ticket for Altaf Mulani
[Ctrl]v