Posted by: realsecurity | December 16, 2008

Sources of Badness – PortNAP

One of the smaller hosts I’ve identified is PortNAP Internet Services. They appear to get their service from Grafix Internet B.V. We’ve seen fake anti virus coming from 3 of their IPs in two different /24 subnets registered to PortNAP –

inetnum: -
netname:        GFX-CUST-PORTNAP
descr:          PortNAP Internet Services
org:            ORG-PIS13-RIPE
country:        NL
admin-c:        GFX-RIPE
tech-c:         GFX-RIPE
status:         ASSIGNED PA
mnt-by:         GFX-MNT
changed: 20081021
source:         RIPE
abuse-mailbox: 2008-12-02 – site down /2009/download/trial/A9installer_880473.exe 2008-12-02 – site down /download/trial/AV360Install_77014205.exe
2008-11-20 – site down /2009/download/trial/A9installer_880290.exe


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s


%d bloggers like this: