Ricky Spanish
New Member
Are they a member here? I never did business with this company and I got a email from them.
Who is intensenode?
- Thread starter Ricky Spanish
- Start date
drmike
100% Tier-1 Gogent
Intensenode is a spammer.
A spammer with now private WHOIS info that was just out there two days ago. The data appears to be invalid (original).
You were emailed because you bought something / got on list of ChicagoVPS or 123Systems.
Some are pointing finger at Fabozzi for this. Others are saying this Quadranet.
Still need to establish who got the email, when they can trace their interaction with CVPS/123Systems back to. Appears this email list came from first half of 2014 or earlier.
Not clear that it has anything to do with prior hacks of CVPS. Easy to dismiss it as that, but zero proof of that relationship at this point.
A spammer with now private WHOIS info that was just out there two days ago. The data appears to be invalid (original).
You were emailed because you bought something / got on list of ChicagoVPS or 123Systems.
Some are pointing finger at Fabozzi for this. Others are saying this Quadranet.
Still need to establish who got the email, when they can trace their interaction with CVPS/123Systems back to. Appears this email list came from first half of 2014 or earlier.
Not clear that it has anything to do with prior hacks of CVPS. Easy to dismiss it as that, but zero proof of that relationship at this point.
This is why it's wise to sign up with company specific emails when ordering services. Very easy if you use Gmail.
Example with Gmail: [email protected] will still email all messages to your [email protected] address but will place these messages in a folder named 'hostingcompany' in your inbox. Neat little trick. The benefit of doing this is that if you receive email spam to a specific folder you can determine what company sold your information, was compromised with no notification to the user or is engaging in some other shady behavior.
With all the DB leaks that have occurred in the past, it could just be a company utilizing harvested emails. ChicagoVPS had their solus DB dumped a couple times a couple years ago. GVH had their stuff compromised more recently. 123Systems... I don't remember. Maybe. It's hard telling. Maybe someone who signed up with a company specific email can let us know if they received this same spam to it, then we can determine at least what company the email list came from.
Example with Gmail: [email protected] will still email all messages to your [email protected] address but will place these messages in a folder named 'hostingcompany' in your inbox. Neat little trick. The benefit of doing this is that if you receive email spam to a specific folder you can determine what company sold your information, was compromised with no notification to the user or is engaging in some other shady behavior.
With all the DB leaks that have occurred in the past, it could just be a company utilizing harvested emails. ChicagoVPS had their solus DB dumped a couple times a couple years ago. GVH had their stuff compromised more recently. 123Systems... I don't remember. Maybe. It's hard telling. Maybe someone who signed up with a company specific email can let us know if they received this same spam to it, then we can determine at least what company the email list came from.
Ah, looking over at LET I see that they've got a thread going about this too. Seems that people are saying they're getting them from addresses they've used only for specific companies. WeLoveServers, 123Systems, and ChicagoVPS seem to be the 3 companies people are saying they had signed up for in the past.
Last edited by a moderator:
DomainBop
Dormant VPSB Pathogen
IntenseNode WAS a provider until their host shut them down for spamming around noon yesterday. After being shut down they switched their nameservers to their registrar's default servers, changed the WHOIS to private, and called it a day. No A records or MX records so you don't need to worry about any more spam. Bye, bye spammers.
WHT thread: http://www.webhostingtalk.com/showthread.php?t=1509326
On another note:
WHT thread: http://www.webhostingtalk.com/showthread.php?t=1509326
Former employee with a copy of the NWNX/CVPS mailing list is more likely than someone harvesting emails from one of those DB leaks because many of those addresses that were spammed Sunday night (UGVPS customers, 123sys customers) weren't in the Solus/WHMCS DB leaks. The email address I used for UGVPS was added to the CVPS mailing list when they acquired UGVPS but was never added to their WHMCS (or SolusVM).
On another note:
Looking over at LET I see that Chris's little puppy dog who for the past 2 years obediently locked and sunk CVPS related threads when Chris asked him to, and frequently went into attack mode against anyone who criticized CVPS, quit as administrator and deleted all of his own posts. Good riddance (he was a major reason I haven't posted there since December 2013).
Last edited by a moderator:
drmike
100% Tier-1 Gogent
123Systems never was hacked as far as we all know.Quote said:
Clear that some folks were 123Sys customer and thus origin. Others were CVPS customers, and clear their origin.
Question remains what emails were spammed. I am going to dig the CVPS database back out and look for the email pile and do some comparisons. With that data we can surely determine if this was from that or if it was a rogue employee.
Really? I vaguely remember him being not-so-bad. Seemed relatively intelligent for his age without being irritatingly precocious. Guess I've never really followed any of the CPVS dramas at @drmike levels of scrutiny, though, so wouldn't know there. Nonetheless, lol if you've been holding some ~2 year grudge against a kid for being used to tow the party line.
Last edited by a moderator:
drmike
100% Tier-1 Gogent
Well, there were other providers mucked up in the site / history / related.
We managed to scare whoever it was into closing shop with record quickness.
Someone knew their actions were ill and someone who reads these forums someone well versed in being a provider and the technical attributes of what was being offered.
May I encourage them to try again...
We managed to scare whoever it was into closing shop with record quickness.
Someone knew their actions were ill and someone who reads these forums someone well versed in being a provider and the technical attributes of what was being offered.
May I encourage them to try again...
DomainBop
Dormant VPSB Pathogen
Dillybob's statement eliminates the 2012/2013Solus/WHMCS DB hacks as the source, and the timing eliminates as suspects a pair of former employees who went to work for a competitor in mid 2014.
So either A. CVPS got hacked recently (i.e. in the past few months) and doesn't know it, B. a recent/current CVPS worker is selling the mailing list, and/or C. #winning is full of shit.
TheLinuxBug
New Member
That's certainly possible too. But there are also people who also sign up for things with specific email addresses that are associated with what they're signing up for. There is several [email protected] type addresses used by members on this site that I've seen in passing, and working in the hosting industry have seen stuff like that as well from customers.
Of course if selling the data looking for things like that would be wise, but not everyone has that level of forethought.