Help me to takedown this Malware Hosting (domain) DNS

kumarsinhasingh

Level 1
Thread author
Verified
Mar 4, 2017
15
Hello guys, I am a big fan of Internet security related things. I am not a professional or a specialist IT guy. But with all my potential I used to hunt malware and report it to VirusTotal, and sometimes make DNS abuse reports to the DNS owner to block and terminate the hacker's connections.

My main goal is to terminate as many malware domains (DNS) as possible. I have blocked and terminated many malware hosting domains (DNS) by abuse reporting to the domain owner. But since last week I have had a problem with this malware hosting domain (DNS), blockcha1n.info.

This domain is hosting more than 5 different malware and has more than 5000 victims (computers).

This malware is spread using game cracks, especially the Fifa17 crack, the For Honor game crack, etc. You can see it on YouTube; these cracks are downloaded more than 1000 times every day. And this hacker changes the download crack bound with the malware server every week, which means the malware is FUD again every week. I reported this domain blockcha1n.info two times and they took it down. But after a while the hacker created the same domain with another domain company and it is live again. So please help me to deactivate, block and terminate this malware domain (DNS).

I will be very thankful for your help. I don't know how to do it any more!!! :mad: (Why is this domain takedown important? Because thousands of people are infected.) Sorry for my bad English, I am not good at English o_O

Proof screenshot are also attached here:
Abuse Domain : blockcha1n.info
IP Address : 89.35.228.253
Port : 8090
etc. (he/she used a different port for each type of Trojan (malware))
Screenshot :
3 (2).png 3.png Malware Process.png malware1.png malware4.png v2.png
 

Ink

Administrator
Verified
Staff Member
Well-known
Jan 8, 2011
22,361
Welcome, whilst I cannot do much to help, I am sure some members here can provide helpful / useful links to assist you in your mission. :)
 

_CyberGhosT_

Level 53
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Aug 2, 2015
4,286
> I reported this domain blockcha1n.info two times and they took it down.

You started out with the right approach. Doing what you profess to be doing is honorable, but every time they put it back up you have to repeat your steps.
Only through patience & persistence can you hope to accomplish your goal. The fight against sites like this requires tracking the host and being a pest to get it taken down. I am no stranger to this, just ask HackHunters.com, and by the way they would help you.
Stick to your guns and don't give up in the middle of the fight, if you do they win. ;)
 

Winter Soldier

Level 25
Verified
Top Poster
Well-known
Feb 13, 2017
1,486
As already said, your commitment is admirable, but let's say that today malcoders, crackers, attackers are united under a symmetrical business.
Closing a malicious domain means that another one will open after a short time, or more infected domains, in parallel.
You say that this malware is spread via game cracks... but this is common knowledge.
Keep in mind that in this environment no one gives you something without having back something else and this means looking for malware.
 

kumarsinhasingh

Level 1
Thread author
Verified
Mar 4, 2017
15
> You started out with the right approach. Doing what you profess to be doing is honorable, but every time they put it back up you have to repeat your steps.
> Only through patience & persistence can you hope to accomplish your goal. The fight against sites like this requires tracking the host and being a pest to get it taken down. I am no stranger to this, just ask HackHunters.com, and by the way they would help you.
> Stick to your guns and don't give up in the middle of the fight, if you do they win. ;)

Thanks for your support and appreciation, my friends :)
 

kumarsinhasingh

Level 1
Thread author
Verified
Mar 4, 2017
15
I tracked down this domain and it ends on registrar-servers.com, whose hosting provider is www.enom.com. I already complained twice and got no reply. I think they support malware hosting if they get paid. Hmmmmmm... :confused: :eek:
 
  • Like
Reactions: DardiM and Rengar

kumarsinhasingh

Level 1
Thread author
Verified
Mar 4, 2017
15
> As already said, your commitment is admirable, but let's say that today malcoders, crackers, attackers are united under a symmetrical business.
> Closing a malicious domain means that another one will open after a short time, or more infected domains, in parallel.
> You say that this malware is spread via game cracks... but this is common knowledge.
> Keep in mind that in this environment no one gives you something without having back something else and this means looking for malware.

Yaap, but all these cracks are not legit, they are fake. It has not been possible to hack a Denuvo game until now. So they don't give anything to give back!! :(
 
  • Like
Reactions: DardiM and Rengar

_CyberGhosT_

Level 53
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Aug 2, 2015
4,286
> Yaap, but all these cracks are not legit, they are fake. It has not been possible to hack a Denuvo game until now. So they don't give anything to give back!! :(

I'm starting to smell something here, please tell me you are not after them
because you got a fake crack and you want revenge?
Be honest, am I right, or am I wrong? o_O
 

Deleted Member 3a5v73x

> Yaap, but all these cracks are not legit, they are fake. It has not been possible to hack a Denuvo game until now. So they don't give anything to give back!! :(

Are there "legit" game cracks? :D I hope you hunt and report those guys who publish "working" game cracks as well; if not, you are contradicting yourself :rolleyes: But overall your goal seems like a war with windmills. Other than reporting them, is there anything more you can/should do, unless you are from FIB and hunting publishers'/owners' home addresses? :eek:
 

kumarsinhasingh

Level 1
Thread author
Verified
Mar 4, 2017
15
> I'm starting to smell something here, please tell me you are not after them
> because you got a fake crack and you want revenge?
> Be honest, am I right, or am I wrong? o_O

Honestly, with all my heart, I never seek revenge and I don't need a crack, and I never played games like this, but sometimes I play poker card games. I learned from some forums that, to fight malware, the most targeted option is cracks and pirated software downloads. How I know whether a crack is legit or not legit is from the comments people post. Plus, after around 4 years of hunting malware I know this little thing ;). I came here not for revenge, I came here to improve my malware fighting. I have been fighting malware for around 4 years now, but I know I am not a professional. I came here to help but got only rude comments and replies. I am done!
 

kumarsinhasingh

Level 1
Thread author
Verified
Mar 4, 2017
15
> Are there "legit" game cracks? :D I hope you hunt and report those guys who publish "working" game cracks as well; if not, you are contradicting yourself :rolleyes: But overall your goal seems like a war with windmills. Other than reporting them, is there anything more you can/should do, unless you are from FIB and hunting publishers'/owners' home addresses? :eek:

It does not matter whether the crack is working or not. You may not know that these fraudsters and scammers steal credit card, PayPal account and bank account information; this is what I want to prevent and fight against. I don't seek payback or rewards. No matter what you think, I will still fight malware on my own. In around 4 years of hunting malware I have never regretted it, saving some people from fraud and scams. I'm not fighting games or game cracks; I'm just fighting cracks and games that contain malware which can steal credit card, bank account and PayPal account info. I think 70% of malware comes from cracks and pirated software. Because of this you think I am just fighting and taking revenge on cracks and pirated software.
 

_CyberGhosT_

Level 53
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Aug 2, 2015
4,286
> Honestly, with all my heart, I never seek revenge and I don't need a crack, and I never played games like this, but sometimes I play poker card games. I learned from some forums that, to fight malware, the most targeted option is cracks and pirated software downloads. How I know whether a crack is legit or not legit is from the comments people post. Plus, after around 4 years of hunting malware I know this little thing ;). I came here not for revenge, I came here to improve my malware fighting. I have been fighting malware for around 4 years now, but I know I am not a professional. I came here to help but got only rude comments and replies. I am done!

Ok, now I feel better :)
 

Wave

I don't think there is anything you can do if the malware author is not charged with violating the Computer Misuse Act, it depends on where they are situated (laws) and government relationships with their own and the victim's country.

Think about it properly:
1. Malware domain shows up
2. You spend lots of time regularly submitting the reports, some not even listened to
3. New malware domain shows up
4. 1-3 in a cycle again forever more
5. Now there are still another dozen million threats released in a short space of time

This is why vendors are moving more to relying on white-listing as opposed to black-listing, because they simply cannot keep up with all the new emerging and more evolving threats released every day, week, month, and year. Every single hour of the day there will be another dozen malicious domains and another dozen malicious samples pushed into the wild, and people will become infected very quickly - the only defense against this, "properly", would be to rely on your brain and make sure you know what you're doing, because your clicking will determine whether you will become infected or not (most of the time).

As well as this, if you haven't reversed the malware samples being deployed on the malicious domain, how do you know there aren't any backup hosts so he can redirect the target? Even then, he can change the host and re-deploy the infections; I'm sure he can go a week waiting for new infections due to all the money already made from the last attack.

There is not much you can do, of course what you've been doing is beneficial to some but if you look at the situation properly, they can just re-do things and then it discards what you did in the first place. The author could make 1000 new domains today on a home-made bot and how many would you be able to find and report? 2? 3? Maybe 4.

So I don't think there is much you can do in this situation.
 

kumarsinhasingh

Level 1
Thread author
Verified
Mar 4, 2017
15
> I don't think there is anything you can do if the malware author is not charged with violating the Computer Misuse Act, it depends on where they are situated (laws) and government relationships with their own and the victim's country.
>
> Think about it properly:
> 1. Malware domain shows up
> 2. You spend lots of time regularly submitting the reports, some not even listened to
> 3. New malware domain shows up
> 4. 1-3 in a cycle again forever more
> 5. Now there are still another dozen million threats released in a short space of time
>
> This is why vendors are moving more to relying on white-listing as opposed to black-listing, because they simply cannot keep up with all the new emerging and more evolving threats released every day, week, month, and year. Every single hour of the day there will be another dozen malicious domains and another dozen malicious samples pushed into the wild, and people will become infected very quickly - the only defense against this, "properly", would be to rely on your brain and make sure you know what you're doing, because your clicking will determine whether you will become infected or not (most of the time).
>
> As well as this, if you haven't reversed the malware samples being deployed on the malicious domain, how do you know there aren't any backup hosts so he can redirect the target? Even then, he can change the host and re-deploy the infections; I'm sure he can go a week waiting for new infections due to all the money already made from the last attack.
>
> There is not much you can do, of course what you've been doing is beneficial to some but if you look at the situation properly, they can just re-do things and then it discards what you did in the first place. The author could make 1000 new domains today on a home-made bot and how many would you be able to find and report? 2? 3? Maybe 4.
>
> So I don't think there is much you can do in this situation.

Thank you for a wise and helpful comment. You gave me a new improvement for how to approach and fight malware. As I said before, I am not a specialist I.T. guy and not a professional, but yes, I came here to improve my skill and knowledge. Thank you once again. ;) :)
 
  • Like
Reactions: DardiM
