Somebody's doing something weird, maybe you guys know what it is
News category: IT security news
Source: reddit.com
A friend of mine let her domain name expire and somebody snatched it up in May of last year: https://securitytrails.com/domain/rachelsermanni.co.uk/history/ns and the weird thing is they made a static copy of her WordPress site and put it behind Cloudflare. If you look at the MX tab in that link they had it pointing to Deteque LLC which I'm assuming can't be good. It also looks like they've been moving it a lot, Sweden, Germany, Russia, Czech Republic as if they keep getting kicked off their hosting providers.
I'm wondering if anybody has any theories, is this a thing bad guys do? I don't exactly know how botnets work, could he be using it to hide one? Looks like he's set up a mail server too, maybe he's just spamming people but it's weird, why take the time to make an exact copy of the site?
I wrote the registrar and haven't heard back yet, I guess I'll talk to Cloudflare tomorrow, I doubt I'll have any luck getting it taken down from whatever Russian hosting platform he's on though.
This is really interesting to me though, what do you think this guy is doing?