JOK3R Deface Many China Register Fake Domains
Iranian hacker JOK3R -White Hat Hacker- Of Iran Cyber Team have made mass deface of domains register by China
Example deface is here
Domains is suspicious because date of creation very close together and have same contact email -linked with many thousands of domains- same postal code but different registrant names and locations
Perhaps domains is for spam or phishing attack or part of botnet?
Example:
sqxfxy.com
Registrant Name: yan yangbiao
Registrant Organization:
Registrant Street: Qinghaisheng
Registrant City: zhangjiagangshi
Registrant State/Province: shuikou705hao
Registrant Postal Code: 700119
Registrant Country: CN
Registrant Phone: +86.013387671570
Registrant Phone Ext:
Registrant Fax:
Registrant Fax Ext:
Registrant Email: [email protected]
soarpop.com
Registrant Name: huo yongkang
Registrant Organization:
Registrant Street: Liaoningsheng
Registrant City: zhaotongshi
Registrant State/Province: hepinglu
Registrant Postal Code: 700119
Registrant Country: CN
Registrant Phone: +86.076989609403
Registrant Phone Ext:
Registrant Fax:
Registrant Fax Ext:
Registrant Email: [email protected]
shangyi999.com
Registrant Name: sun xinhou
Registrant Organization:
Registrant Street: Fujiansheng
Registrant City: nanningshi
Registrant State/Province: yanjiangzhonglu168hao
Registrant Postal Code: 700119
Registrant Country: CN
Registrant Phone: +86.09958580205
Registrant Phone Ext:
Registrant Fax:
Registrant Fax Ext:
Registrant Email: [email protected]