The next Kickstarter Spammer Justbacker

Gespeichert von eazrael am/um So, 02. Apr 2023 12:50:24

Just got another spam mail for a Kickstarter project. This time from justbacker.com located in "335 Lowell Ave, Palo Alto, CA 94301" according to the mail. So another mail to my old Kickstarter email address which was part of the Kickstarter Hack/Leak in 2014. And from my experience with Kickstarter they seem to tolerate this and does nothing against. None of my reports had any verifiable effect and I never got any reponse, not even something like "stop sending us is this shit".
The spamvertised product is Tech Belt by Filippo Moratoo and is a Kickstarter Team Favorite.
The mail was received from 213.109.77.33 / mx319.spsndr.com. Never heard of spendr.com before, The description on their homepage says The only cannabis payments & rewards app. WTF? Why sends a cannabis payment company spam for kickstarer project and what the hell are cannabis payments? Oh, the hoster are my old friends from contabo. The referer redirection is also using spendr.com and is hosted at hetzner.de, but for unknown reasons Spamcop wants to send a report to Amazon AWS.

Rubrik:

Negatives

Another Bad Bot: cyberscan.io

Gespeichert von eazrael am/um So, 10. Jul 2022 14:59:23

In my robots.txt I have an fake entry disallowing access to a special path which is not linked anywhere. No bot should ever visit this entry, but a few months ago a bot accessed this URL. The bot has the UA "cyberscan.io" and according to Google it is "Your next generation Cybersecurity Tool!". Whatever, the UA may be faked, but this another entry for the block list..

Tags:

security

bot

bad bot

Süßstoffe in Softdrinks

Gespeichert von eazrael am/um Sa, 12. Feb 2022 11:45:45

Süßstoffe in Softdrinks
Getränk	Stand	Aspartam	Acesulfam-K	(Natrium-)C yclamat	(Natrium-)Saccharin	Sucralose	Steviolglykoside	Zucker
afri cola ohne Zucker	15.05.2022	X	X	X
Almdudler ohne Zucker	14.05.2022	X	X	X
Coca Cola Fanta ? #1			X	X		X
Coca Cola Fanta Lemon ohne Zucker	05.04.2022	X	X	X
Coca Cola Fanta Mango ohne Zucker	12.02.2022		X	X		X	X
Coca Cola Fanta Orange ohne Zucker	05.04.2022		X	X		X
Coca Cola Fanta Shokata	17.04.2022		X			X		X
Coca Cola Coke light Koffeinfrei	23.04.2022	X	X	X
Coca Cola Coke Zero Sugar	12.02.2022	X	X	X
Coca Cola Mezzo Mix Zero	12.02.2022	X	X	X
Coca Cola Sprite ohne Zucker	21.02.2022	X		X	X
Dr. Pepper ohne Zucker	14.05.2022		X			X
fritz-kola ohne Zucker	23.04.2022	X	X	X
Gerry Mango Passionsfrucht zero	30.03.2022		X	X	X
Gerry Orange Guave zero	29.03.2022	X	X
Gerry Orange zero	23.03.2022		X	X	X
Gerry Pfirsich-Maracuja zero	27.03.2022		X	X	X
Gerry Pink Grapefruit zero	28.03.2022		X	X	X
Green Cola	12.02.2022					X	X
ja! Cola 0% Zucker	20.02.2022	X	X	X
Lipton Ice Tea Zero Geschmack Pfirsich	19.05.2022		X			X
Lipton Ice Tea Zero Geschmack Zitone	17.04.2022.		X			X
Pepsi 7up free	12.02.2022	X	X
Pepsi light	05.05.2022	X	X
Pepsi Max	05.05.2022	X	X
Pepsi Max Lemon	16.02.2022	X	X
Pepsi Mirinda zero	03.04.2022	X	X
Pepsi schwip schwap zero Lemon Taste	16.02.2022	X	X
Sinalco Cola ohne Zucker	23.03.2022	X	X	X

Tags:

süßstoff

softdrinks

cola

More Spam from "Reward Update"

Gespeichert von eazrael am/um Mo, 25. Okt 2021 23:41:15

More Spam from "Reward Update" which most likely got the e-mail address from the Kickstarter hack (leak?) in 2014. How did they get their clients? Most likely through spam.

Spamvertized Products:

Sento Air: Kickstarter's Most Funded Towel Remastered | Raised $200,000+
Japanese Craftsmanship // Meticulous Design // Exceptional Materials // Extremely Comfortable
Dride 4K: Next Gen Connected Dashcam | Raised $800,000+
4K // Remotely Access // Heat Resistant // Motion Detection // GPS // 4G // Dual & Rear Cam
This project is trending on Indiegogo and has raised over $130,000!
Claw 2.0 is a Titanium Box Cutter, Bottle Opener, Hex Driver, Pry Bar and it's small enough to sit on your keys.
This is the smartest desk mat around, ideal for those who hate clutter but love organization. Create and arrange your own desk space by building it exactly to your own specifications with this modular board.
Raised over $340,000!

Click Here To Learn More About the MOFT Smart Desk Mat

Tags:

spam

kickstarter

Rubrik:

Negatives

Spamvertised Product: ForeverPen™

Gespeichert von eazrael am/um Di, 19. Okt 2021 21:18:19

A "newsletter" for another crowdfunded product was sent to the mail address stolen from Kickstarter in 2014... This time it's "ForeverPen™ - Writing Without Limits", Seems to be an "inkless" pen that can write forever. Seems they ordered promotion services from "Reward Update":

Reward Update
899 E 8th St, Brooklyn,
NY 11230, USA

Reward Update is not associated or affiliated in any way, shape, or form with either Indiegogo, Inc, Indiegogo(dot)com, kickstarter(dot)com, Kickstarter PBC or Kickstarter, Inc.

Rubrik:

Negatives

Spamvertised product: Kisha

Gespeichert von eazrael am/um Mo, 23. Aug 2021 20:00:53

For weeks now I get spam for a "smart" umbrella called "Kisha". I never signed up for their "newsletter" and it's using the mail address which was leaked in the 2014 Kickstarter hack or leak. I report the mails ASAP to Amazon (Origin of the mails) and Cloudflare (Hoster of the spamvertised site) but neither of them seem to care about about spam. Anyway, let the world know that the guys behind Kisha are just spammers and never buy stuff from spammers.

Some of their Newsletters:

Sender	Subject
Kisha Umbrellas	Kisha Classic Foldable is Back in Stock - Get it now with $20 Discount
Kisha Umbrellas	Foldable Back in Stock
Kisha Umbrellas	Meet MINI KISHA - Our Most Affordable Model
Kisha Umbrellas	FREE Shipping Forever + 50% OFF on Kisha Classic Black
Kisha Umbrellas	Kisha Smart Umbrella - 50% OFF Flash Sale
Kisha Smart Umbrella	Kisha Smart Umbrella - 30% OFF New Fun Collection & 50% OFF Kisha Classic Black
Kisha Smart Umbrella	Giveaway - Win A Free Kisha Smart Umbrella This June
Kisha Umbrellas	Kisha Smart Umbrella Family Pack - $58.9 Discount on this bundle + FREE Shipping (Save up to $160)

Tags:

spam

kisha

Rubrik:

Negatives

Killing your Kickstarter Campaign with Fiverr

Gespeichert von eazrael am/um So, 06. Sep 2020 14:03:11

After the Kickstarter data leak in 2014, spam for kickstarter project became common. The scoundrels just use the data from this breach for sending email spam. Some even have real companies and some are individuals offereing their services directly to the campaign starter and others are "hired" by more or less reputable PR/Marketing companies which in turn offer advertisment services to the campaign owner. Looking at the URL in the mails and following redirections, you see mostly the same chain of irresponsibility: Big E-Mail Marketing companies sending out the mail (e.g. SendGrid or SpamChimp) --> the spammer -> marketing company -> kickstarter -> Project Page. So normaly everything is traceable and in case of spam compains any serious company should immediately terminate their contract with the previous element in this chain. Okay, everything can raise a fake company in seconds, but resolute action will make the current campaign worthless and on the long run spamming as a whole.

Normally when confronted, the project owners won't disclose the names of companies commissioned for promotion, effectively protecting the offender and not helping the victims.

A company called Terrahelix started a new campaign for "the future of lawn care" and fell into this trap:

But they gave a small piece of information: They bought a couple of "gigs" on Fiverr, a company I haven't heard of yet. Okay, I seldom run spam campaigns ;-) . Okay, on Fiverr you can buy services including spam errr advertisement:

So looking at the mail again, this spam mail was a little bit different. There was no referral id in the link, so there is no trace back to the one . And the kickstarter owner cannot analyze the success of each campaign and even if the commissioned promoter did anything at all but taking the money. And even worse these people may hurt your campaign, product and your company.

From what I heard, as soon as you start your project on kickstarter you will get a lot of promotion offers, you get a taste of spam yourself. Welcome to the kickstarter shark tank.

"Killing your campaign" was inspired by currenly only commenter on kickstarter.

Tags:

Rubrik:

Fake domain renewal invoice

Gespeichert von eazrael am/um Fr, 31. Mai 2019 14:13:26

Your domain evilazrael.net registration is pending. Failure to complete this order by may result in the cancellation of this notification (making it difficult for your customers to locate you, using search websites on the web).

I wish simply ignoring these "orders" will result in cancelling these "notifications".

One of the best argument of these domain privacy services: less spam.

Tags:

spam

Rubrik:

Negatives

AMD 50th Anniversary Gifts

Gespeichert von eazrael am/um Fr, 31. Mai 2019 12:30:32

So, AMD is celebrating its 50th anniversary with some promo gifts when buying certain AMD products. You can get 2 free games and a free t-shirt. Here are the processes:
T-Shirt

Buy a AMD Ryzen 7 2700X 50th Anniversary Edition
In the Ryzen 7 2700X CPU package you find a small card with a code.
You can redeem this directly on the amdrewards.com page

The Gamebundle

AMD Ryzen 7 2700X 50th Anniversary Edition
Request a Voucher from the shop
Go to amdrewards.com and create an account
Receive the confirmation mail and activate your account
Redeem the voucher
Download, install and run the "AMD Product Verification Tool" (no idea if they have a Linux version)
You get three "credits" and put the 3 games @ 1 credit each in your basket, confirm order
Get an Ubisoft's Usuck activate link for "The divison 2"
Get two codes for Epic's "Exclusives suck" Shop

Tags:

Rubrik:

VirtualBox: !!Assertion Failed!!? Try disabling SME!

Gespeichert von eazrael am/um Sa, 04. Mai 2019 11:47:05

After upgrading from an old FX-8350 to a new ThreadRipper VirtualBox was not able to start any VM in Linux. The error shown in VM was something like "NS_ERROR_FAILURE (0x80004005)"

And in the VM logs were these entries:

!!Assertion Failed!!
Expression: pVM->pVMR0 == CreateVMReq.pVMR0
Location  : /home/vbox/tinderbox/6.0-lnx64-rel/src/VBox/VMM/VMMR3/VM.cpp(591) int vmR3CreateU(UVM*, uint32_t, int (*)(UVM*, VM*, void*), void*)
Stack     :
00007f8970304133 VBoxRT.so + 0x1f1133

For me this was solved by disabling AMDs Secure Memory Encryption (SME) .You can do this in the BIOS/UEFI Setup, via the linux boot parameter mem_encrypt=off or by disabling this during in your next self-compiled kernel.

This was solved by trying to work around a kernel/firmware/AMD bug which caused errors when trimming/discarding from a NVME with an activated IOMMU. After setting the iommu to passthrough discarding worked, but the Broadcom/LSI/Avago RAID controllers and the Radeon driver failed to start:

mpt3sas 0000:09:00.0: SME is active, device will require DMA bounce buffers
mpt2sas_cm0: reply_post_free pool: dma_pool_alloc failed
mpt2sas_cm0: failure at drivers/scsi/mpt3sas/mpt3sas_scsih.c:10506/_scsih_probe()!
radeon 0000:07:00.0: SME is active, device will require DMA bounce buffers

radeon 0000:07:00.0: SME is active, device will require DMA bounce buffers

software IO TLB: SME is active and system is using DMA bounce buffers

[drm:r600_ring_test [radeon]] *ERROR* radeon: ring 0 test failed (scratch(0x8504)=0xCAFEDEAD)

radeon 0000:07:00.0: disabling GPU acceleration

And after disabling SME VirtualBox also worked..

Given my fun with my Lenovo notebook last year and the unblogged fun I have/had with my successor Dell notebook, it seems that the AMD IOMMU is quite a PITA.

Tags:

Rubrik: