New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
Or just open discord with web browser and inspect element.
There is a chance that what we are witnessing is a messy breakup between Fran and TinyWeasel.
It's clear that the Weasel wants to get back, but Fran is sternly saying no, rightfully so.
You can easily find the BuyVM IP ranges, and then do a RDNS on each IP and then find the WHOIS contact for those, etc.
Of course, you have to be careful...
https://lowendtalk.com/discussion/85143/ok-which-one-of-you-did-this
(warning from @doghouch : large GIF)
Alright. So the consensus is 'ignore'. Great
Right.
There's already an FBI case open in probably every state in regards to the bomb threats and all that. Same group for all the emails.
Francisco
Here's the full source of the message if anyone's curious. Warning for racist language and my email address (don't spam me bros).
https://drop.skyraker.ca/direct/jbpy8hi7.txt
Dug through my email, I canceled BuyVM/Frantech back in 2017.
How did they get your email then? Surely not from whois data from 4 years ago.
Maybe it's possible Fran's customer db is compromised.
The only email address I don't get the emails on is the one registered with BuyVM.
Correction: The email I previously used for billing on BuyVM also doesn't get them.
Doubt it because I didn’t get the email too.
That's a bit of a stretch...
Been a BuyVM customer since 2016, and have never received spam from them.
No leaks. We've been able to track down basically every person that got an email to them having it listed somewhere.
There's 2 email lists that they were blasting.
#1 - Emails they scraped from discord profiles as well as messages in channel. For the profiles they would then check youtube channels if the user lists one, scrape github's if listed too. Some scraping of RDNS records too. Very involved.
#2 - The abuse/sales/netops lists from RIPE/PeeringDB. Weasel dropped by discord a few days ago claiming that peeringDB's API is extremely easy to scrape, kicks out a quick JSON list, etc.
It's shitty and I'm sorry for it.
Francisco
Glad to hear it wasn't a leak, it just makes the attacker an even higher stage clinger which is never great.
We're assuming a part of list #1 was an automatic scrape, but then we'd see people get added to it slowly, so likely an additional pass.
Francisco
Fortunately, in the span of 5 years, we've gone from "1 GB" plans to illllimitoooo.
Thanks for the warning, though <3