[Dshield] Site suspect

George Theall theall at tifaware.com
Fri Oct 24 00:33:50 GMT 2003

On Thu, Oct 23, 2003 at 01:55:57PM -0500, john beck wrote:

> I have been alerted to a website that someone was going to book a room at 
> Hyatt Regency and they went to www.hyattregency.com and there it, will give 
> a popup that says you have the rpc virus and it wants you to click ok to 
> scan your machine, 

Looks like a cybersquatter; the real Hyatt web site is at

                     ---- snip, snip, snip ----
theall at badger:/home/theall>whois hyattregency.com at whois.geektools.com
GeekTools Whois Proxy v5.0.3 Ready.
Checking access for ok.
Checking server [whois.crsnic.net]
Checking server [whois.enom.com]
Registration Service Provided By: -
Contact: admin at russa.com
Domain name: hyattregency.com
Registrant Contact:
   The data in Bulkregister.com's WHOIS database is p   (NA)
   Bulkregister.com for information purposes only, that is, to
   obtaining information about or related to a domain name regi
   does not guarantee its ac,
Administrative Contact:
   Free Domains Parking
   Andrey Vasiliev -   (mail at russa.com)
   Glavpochtamt, d/v Vasiliev Andrey Vladimirovich
   Moscow, RU 101000
   Moscow, RU 101000
                     ---- snip, snip, snip ----

theall at tifaware.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://www.dshield.org/pipermail/list/attachments/20031023/27dd404b/attachment.bin

More information about the list mailing list