And yet another DDoS

And yet another DDoS

Aa419.org is experiencing yet another DDoS attack.

Now here is the weird thing. When and as aa419 members encounter fraudulent websites, they get it listed and terminated, it’s nothing personal. Fraud does not belong on the net. However those that lose there instruments of fraud do get more than a bit upset and is why we see attacks against us. It just confirms the effectiveness of aa419.org

However in this instance the attacker chose to highlight a listing for http://www.gline-bank.com/ in his attack. Why? What was this?

It’s an entry for a fictitious “Bank Of Ivestments”. This is not  spelling error on the side of aa419, rather that of a not too clever HyIP scammer. Referring to the scammer as “not too clever” is deliberate and will become more than apparent as we analyze issues in this scam. In this case it’s actually an understatement.

Looking at the domain name, “gline” in gline-bank.com, it was supposed to stand for Greenline.

This, linked to the scammer’s lacking spelling skills, made a member curious to see what else there was on the net that matches these rather silly identifying mistakes. As we said many times before, nothing motivates our members like a DDoS attack.

Hello, what have we here? http://www.greenline-bank.com aka “Bank Of Ivestments”

Clicking on this “bank’s” about us we see how they describe themselves:

About Us
Bank of Ivestments is a private investment company operating in the field of local and global investment. We offer investment opportunities to individuals and companies so to allow for participation in the business market within a safe and risk- free investment environment.

We have a strong infrastructure and solid administrative basis since we have sufficient expertise to manage our projects and invest funds in all available economic sectors in which we perceive the future dimension we aspire to reach.

We founded Bank of Ivestments with one goal in mind – making our company one of the most “Trusted and Respected” investment company in the world. Bank of Ivestments would never deviate from that commitment; to be a global standard bearer recognized worldwide for its fundamentals – based investment principles and first-class client services.

Very amusing, to say the least. They promise

Fixed monthly profit rate (7%).
Withdrawing the principal or profits at any time.
A minimum investment limit of 100 USD/EUR.
Possibility of reopening new investments.
Possibility of profits reinvestment.
Ongoing technical support around the clock.

Now this is borderline hilarious. Right below this promise of 24 x 7 technical support, we find “Online Support” to be Offline.

But it gets even better and moves to the insane realm. Look at the domain registration details of this domain:

 Domain Name: GREENLINE-BANK.COM
Registrar: CENTER OF UKRAINIAN INTERNET NAMES
Whois Server: whois.ukrnames.com
Referral URL: http://www.ukrnames.com
Name Server: NS1.AFRAID.ORG
Name Server: NS2.AFRAID.ORG
Name Server: NS3.AFRAID.ORG
Name Server: NS4.AFRAID.ORG
Status: ok
Updated Date: 21-may-2013
Creation Date: 21-may-2013
Expiration Date: 21-may-2014

Service Provided By: Center of Ukrainian Internet Names
Website: http://www.ukrnames.com
Contact: +380.577626123

Domain Name: GREENLINE-BANK.COM

Creation Date: 21-May-2013
Modification Date: 21-May-2013
Expiration Date: 21-May-2014

Domain servers in listed order:
ns1.afraid.org
ns2.afraid.org
ns3.afraid.org
ns4.afraid.org

Registrant:
Green Bank f858614@rmqkr.net
22643, LUND, Magistratsvagen,  17
LUND, 22643
SWEDEN
+46.460169696

Billing Contact:
Green Bank f858614@rmqkr.net
Green Line
22643, LUND, Magistratsvagen,  17
LUND, 22643
SWEDEN
+46.460169696

Administrative Contact:
Green Bank f858614@rmqkr.net
Green Line
22643, LUND, Magistratsvagen,  17
LUND, 22643
SWEDEN
+46.460169696

Technical Contact:
Green Bank f858614@rmqkr.net
Green Line
22643, LUND, Magistratsvagen,  17
LUND, 22643
SWEDEN
+46.460169696

Status: ok

Not only is the address incomplete, the email address is a disposable email address. Please queue up here for your own personal rmkqr.net email address, guaranteed to self destruct in a few minutes!

Now, let us reconsider the claims made initially: “We have a strong infrastructure and solid administrative basis since we have sufficient expertise..”. “Trusted and Respected”

Surely this HyIP scammer qualifies for the internet equivalent of the Darwin award? Not only himself, but also his scams. At any time he may loose his domain if somebody had to report it for invalid registration details and that registrar follows the provisions of the ICANN RAA. Strangely (?) any attempts at calling +46.460169696 also fails. As such we have a domain where there is no control – our HyIP scammer essentially cut himself off from the domain and can’t respond to any Registrar communication to him. Not too bright for a scammer.

Any “investor” in Green Bank / Green Line / Bank Of Ivestments, or whatever he choses to call himself next, is bound to be building his HyIP investment on extremly fragile foundations. The word quicksand jumps to mind.

Now let’s take this a step further. We already showed the domain registration details of this HyIP scam. Let’s take a look at the now suspended gline-bank.com domain, our HyIP scammer has just taken stupidity to a new level.

Privacy Protection Service is enabled for this domain
To contact the owner of the domain please send a request to the registrar

Domain Name: GLINE-BANK.COM

Creation Date: 22-Jul-2013
Modification Date: 22-Jul-2013
Expiration Date: 22-Jul-2014

Domain servers in listed order:
ns1.afraid.org
ns2.afraid.org
ns3.afraid.org
ns4.afraid.org

Registrant:
Protected name, protect@privacy.com.ua
p.b. 2354, Kharkov, UA
+380.577626123

Billing Contact:
Protected name, protect@privacy.com.ua
p.b. 2354, Kharkov, UA
+380.577626123

Administrative Contact:
Protected name, protect@privacy.com.ua
p.b. 2354, Kharkov, UA
+380.577626123

Technical Contact:
Protected name, protect@privacy.com.ua
p.b. 2354, Kharkov, UA
+380.577626123

Apart from the privacy abuse, do you spot it? Of course you do. How stupid does it get.

Let’s take it a bit further: http://bankof7.com / bankofseven.com.

About Us 

Report an Error BANK OF 7 is a private investment company operating in the field of local and global investment. We offer investment opportunities to individuals and companies so to allow for participation in the business market within a safe and risk- free investment environment.

We have a strong infrastructure and solid administrative basis since we have sufficient expertise to manage our projects and invest funds in all available economic sectors in which we perceive the future dimension we aspire to reach.

We founded BANK OF 7 with one goal in mind – making our company one of the most “Trusted and Respected” investment company in the world. BANK OF 7 would never deviate from that commitment; to be a global standard bearer recognized worldwide for its fundamentals – based investment principles and first-class client services.

What can I say,  the aa419 team is bored thanks to certain issues beyond our control. Slay away scam killers!

Update
Digging around a bit more, we find:
bankof7.net (domain recently expired)
lineinv.com (alive and well)

Comments are closed.