Hi everyone! This is a thread in regards to Zero Host & "AbuseResistant" providers
Apparently, ZeroHost.io has removed their email address for abuse complaints as we detected today.
@bradleyjkemp has investigated this and it turns out there is no other email address for abuse complaints. Looks like they do not want to be “annoyed” with our emails regarding severe abuse.
If someone has any idea on what to do in these cases, please submit your idea in the comments below.
IDK. It looks like the criminals win, and zerohost is negligent.
Sorry off topic:
I’m still seeing sophisticated sites not picked up by live screenshots here or at urlscan from Cloudflare and REG-RU , sites that appear to avoid domains and F12 INSPECT element functions.
https : //free-gifts . space/setson-gifts=043d8f124 (phishing)
https : //imgur . com/a/HW36IMz (screen shot of the phishing site) Discord web forgery - using fake forgery steamcommunity.com login for hijacking Steam accounts.
https : //urlscan . io/result/70c7379b-f07f-4203-a091-0b29a5dc9259
Thank You [System27_Security]
And it could be avoiding yours too… like this one as well, hosted by… guess who?
https : //steamcommeunity . ru/tradeoffen/new/ = (phishing)
Hosting Provider support@zerohost.network
Domain Registrar RU-CENTER
Avoids screenshots with , 404 page, avoids F12 Inspect elements with 404 page.
https : //phish . report/cases/case_cols6e30mrcw
image screenshots of site https : //imgur . com/a/fmvvfGm the 404 is after I, press F12 to inspect elements.
edit: the problem being is not only are these blocking urlscan and phish report, but also Microsoft, Google, and Netcraft, so I’m seeing that these urls are not as likely to display malicious site warnings on them, I guess maybe because 404 is displayed and those detection don’t see them as malicious.
Steam Chat rooms are spammed to hell daily by bot accounts, that are posting these urls in un moderated chat rooms.
one url gets taken down, these criminals just move on to the next created domain name and host with the same phishing scheme.
You probably know my report history here. After doing reports for just a while now, I can clearly see how this is all kinda a pointless and futile cat and mouse. The cyber crime doesn’t ever go away. Same criminals / scam different url / day.
edit: yep cyber criminals seemed to have figure out the host and domain names sites that accept and protect them. https : //steanmcomnnumnity . com/10549309764 zerohost & REG RU
Phishing site created 1 hour ago (estimated)
https : //steanmcomnnumnity . com/10549309764
Russian or not, isn’t there still a paper trail, money changing hands for domain names and hosts? Or are these Russian domains and host just as malicious as the criminasl buying and hosting sites?
IMO VALVE SOFTWARE - https : //www . valvesoftware . com/en/ is just as negligent at allowing Steam Group chats that seem to be dedicated to cyber crime phishing against their own rules and guidelines, but that’s just a whole another rant that is not phish . reports responsibility.
Steam Community Groups
The Steam Community allows players to create private or public community groups, each with their own discussion hub, announcement system, and group chatroom. The creators and members of these groups are responsible for ensuring that they adhere to all of the guidelines outlined above.
Groups that allow violations of these guidelines may be removed and the accounts involved with uploading the content may be restricted.
Tell me now that this is all Section 230’s fault and how it needs reform to hold companies accountable for the USER content that is posted.
Anyone here wants some Steam Chat invites to un moderated phishing chat rooms hit me up.
https : //www . ftc .gov/business-guidance/resources/consumer-review-fairness-act-what-businesses-need-know
The Consumer Review Fairness Act (CRFA) protects people’s ability to share their honest opinions about a business’s products, services, or conduct, in any forum, including social media.
I’m curious what does https : //complaint . ic3 . gov/ and other national web consumer protection investigators think about all this cyber crime? Business as usual? Job security? The long arms of international law cannot touch Russia, or Putin will hyper sonic nuke?
Is that even legal?
How come, can you be a hosting provider/registrar/server provider, and not even allow abuse reports?
Server providers are sort of a gray area. We can submit a complaint against domain registrars with ICANN, however ICANN does not have the authority to enforce server hostings. Our best bet would be to contact law enforcement in Russia, Our team has an educated guess on the fact that Law Enforcement in Russia will not do anything. (Based on their track record of taking action against cybercrime)
I’ll update this reply if we something interesting in this topic.
