|Net Range||220.127.116.11 – 18.104.22.168|
Over a 6 month period while monitoring their activities we found out that they tend to target systems and abuse systems. Abuse includes connecting to systems and running manual commands against the servers, as well as connecting to the same email server with multiple SMTP servers running multiple commands.
This company does not have any legitimate support desk or contact information. This company also retained many domain names that are just ambiguous names which they use to spam and abuse systems from.
Our investigations also suggest that this is a Korean business that is only in business for abusing and exploiting businesses in the United States, England, and other European sectors.