Johannes Beus
(Author)
13.10.2003
It seems that the QHosts-worm was not the only one to take advantage of the Microsoft Internet Explorer vulnerability. The owner of elict.org seems to be doing something similar. Until recently, the URL http://www.elict.org/awards.html showed up regularly in the logfiles as referrer, which encouraged you to take a look who was linking to you. On that page, they rewrote the hosts-file so that all important Adservers would point to the IP 217.160.92.178. According to the Alexa-Trafficrank, it seems as though this was a rather successful endeavor.
hosts
whois 217.160.92.178
whois elict.org
Update (10.17.): The owner of the elict.org domain has issued a statement on this issue on the Abakus-Internet-Marketing forums.
