Tech Support Scam STILL ACTIVE

Scams Robo Calls
1

This tech support scam number has been active for a LONG time now. Even after I’ve been wasting their time for the last month or so, they never change it.

Also contacted the hosting company (In India) to take down their sites, no reply. Same with their phone number hosting company.

Main:
Number: 1-888-630-3860
One of their many websites: https://acer.support-phone-number.net/

Secondary:
1-888-316-4403
https://geeksquadprotection.com/

IP: 103.47.16.186
Hosting: homebroadband.tv
Phone Provider: RINGCENTRAL, INC.

2

@pixel375#46056 Goes to voicemail

3

@Rajeshi_Gardner

Someone must have spammed them pretty nicely. Try again in a few hours.

I wouldn't worry too much.. I just hacked their server. Working on getting root access now..

Not sure what I should do after.. Wipe their server? Make them pay me and then wipe it anyway?

Thoughts?

4

Just delete system32 then cut the power to the server

5

@pixel375#46056

Registrant Name: Nitin Tyagi

Registrant Organization:

Registrant Street: FF65 Vyapar Kendra, Sushant Lok 1

Registrant City: Gurgaon

Registrant State/Province: Haryana

Registrant Postal Code: 122009

Registrant Country: IN

Registrant Phone: +91.9873484741

6

Ive reported with all this information provided for evidence via Delhi Cyber police. Waiting for their response so they can investigate as soon as possible that they can able to do some police action to track more and catch these dirty bastards.

http://cybercelldelhi.in/Districtcybercell.html

Dont email guys cause Ive email much information as possible so we got to wait

Wpx

7

Remote Install Veeam - Copy/Backup server

Wire with remote install of DiskAgent - REBOOT.

Goodnight, Comrade.

8

@pixel375#46103 Copy important info like victim’s data, passwords, names of key owners/players.

9

There is no victim data, at least not on the hosting server itself. However, here is one of their sites i hacked. (This is the site I used to get into their server, now doing basic PHP to run exec commands)

http://hp-support-phone-number.com/

Don't mind the advertising to my website, I forced a couple of them to sign up, so kinda my thing haha.

10

Ignore my last message… I accidentally deleted the directory, and lost all access :frowning:

Here is some info of the account I had hacked if it's useful to anyone still:

DB_NAME: hp_support_phone_number_wordpress
DB_USER: hp-support-phone
DB_PASSWORD: Roushan@2927

ls -la /home/ : https://pastebin.com/j2JT0pMw
ls -la /etc/apache2/sites-available : https://pastebin.com/ENDAKY62

And now I'm gonna go cry for messing up. Cheers.

11

I ip stressed him, i asked him if he was hungry he said yes so i said eat my packets beinchode

12

image screenshot-1png.png![image screenshot-1png.png](replace/assets/files/2018-08-16/10:21:260-screenshot-1png.png)

This looks like the Delhi cyber police is going to reply something back cause all this useful information and evidence that I have as well is email toward them. The more evidence you guys share the more better, and I source the credits for all you guys did.

Hopefully they will reply cause they forward the email toward a different cyber cell in India.

WPX

13

@pixel375 how did you find their phone provider?

14

@aaronf#46373

800forall.com

15

All the sites are dead now

16

Sweet

17

Time to shut down http://inteldefender.com/

xD

18

Nevermind, those guys have more sites…

IP: 107.180.25.20
https://viewdns.info/reverseip/?host=best-buy-geek-squad.com&t=1

19

Ignore the link. Seems like shared hosting. Here is some domains:

http://best-buy-geek-squad.com/

http://kaspersky-phone-number.com/

https://1800-geek-squad.com/


20

173.255.251.230