
HMA! VPN = FRAUD/CONTAMINATED

a guest
Aug 31st, 2011
  1. HMA! = frauds
  2.  
  3. Here is a copy of a mail I sent after I downloaded their program that pointed to a reseller page
  4.  
  5. After logging in with a 63-char pass, they put an infected file on the page pointing to the reseller page
  6.  
  7. At first a file called ForceInterface.DLL will try to contact malicious websites, after which you might want to download anew, and then this happens. Note the links and know why you should never EVER get Hide My Ass VPN
  8.  
  9. Upon asking for an explanation about this, none was given, only the link as it should have been.
  10.  
  11.  
  12.  
  13. ******notice how the Windows version is NOT https*********
  14.  
  15.  
  16.  
  17.  
  18. http://hidemyass.cachefly.net/download/HMA-Pro-VPN-2.6.9-install.exe
  19.  
  20. https://vpn.hidemyass.com/HMA-Pro-VPN-1.1.7-install.pkg.zip
  21.  
  22.  
  23. https://vpn.hidemyass.com/HMA-Pro-VPN-1.1.7-install-tiger.pkg.zip
  24.  
  25.  
  26. https://vpn.hidemyass.com/linux.zip linux
  27.  
  28.  
  29.  
  30.  
  31.  
  32. I also got a different registrant on the domain search
  33.  
  34. About a week ago my AV alerted me to a malicious website, and pointed to the file ForceInterfaceLSP.dll in hma/bin as being the compromised file trying to connect to this IP.
  35.  
  36. Also, a file forceInterfaceCOM.dll was in there
  37.  
  38.  
  39. I have since reinstalled my OS and have lost the IP it was trying to connect to.
  40.  
  41.  
  42.  
  43. Earlier I reinstalled the service and noticed that despite it being a new reinstall, several of the files were showing dates that weren't today.
  44.  
  45.  
  46.  
  47. Noticing this, I deleted the program and all files going with it, and then saw the difference in download links
  48.  
  49.  
  50. Below is the Whois. The website tucows.com is a reseller service, and I thought I read somewhere that a download for a trustworthy VPN should never come from a reseller page.
  51.  
  52.  
  53.  
  54. Address lookup
  55. canonical name hidemyass.cachefly.net.
  56. aliases
  57. addresses 205.234.175.175
  58.  
  59.  
  60. Domain Whois record
  61. Queried whois.internic.net with "dom cachefly.net"...
  62.  
  63. Domain Name: CACHEFLY.NET
  64. Registrar: TUCOWS.COM CO.
  65. Whois Server: whois.tucows.com
  66. Referral URL: http://domainhelp.opensrs.net
  67. Name Server: NS1.ADNS.CACHEFLY.NET
  68. Name Server: NS2.ADNS.CACHEFLY.NET
  69. Status: clientTransferProhibited
  70. Status: clientUpdateProhibited
  71. Updated Date: 10-dec-2008
  72. Creation Date: 24-feb-2005
  73. Expiration Date: 24-feb-2015
  74.  
  75. >>> Last update of whois database: Wed, 31 Aug 2011 23:03:34 UTC <<<
  76.  
  77. Queried whois.tucows.com with "cachefly.net"...
  78.  
  79. Registrant:
  80. CacheNetworks, LLC
  81. 2002 W Chicago Ave
  82. Chicago, IL 60622
  83. US
  84.  
  85. Domain name: CACHEFLY.NET
  86.  
  87.  
  88. Administrative Contact:
  89. Admin, DNS dnsadmin@cachenetworks.com
  90. 2002 W Chicago Ave
  91. Chicago, IL 60622
  92. US
  93. +1.1111111111
  94. Technical Contact:
  95. Admin, DNS dnsadmin@cachenetworks.com
  96. 2002 W Chicago Ave
  97. Chicago, IL 60622
  98. US
  99. +1.1111111111
  100.  
  101.  
  102. Registration Service Provider:
  103. Hover, help@hover.com
  104. 416.538.5498
  105. http://help.hover.com
  106.  
  107.  
  108.  
  109. Registrar of Record: TUCOWS, INC.
  110. Record last updated on 17-Dec-2008.
  111. Record expires on 24-Feb-2015.
  112. Record created on 24-Feb-2005.
  113.  
  114. Registrar Domain Name Help Center:
  115. http://tucowsdomains.com
  116.  
  117. Domain servers in listed order:
  118. NS1.ADNS.CACHEFLY.NET 205.234.175.2
  119. NS2.ADNS.CACHEFLY.NET 205.234.175.3
  120.  
  121.  
  122. Domain status: clientTransferProhibited
  123. clientUpdateProhibited
  124.  
  125. Network Whois record
  126. Queried whois.arin.net with "n ! NET-205-234-175-0-1"...
  127.  
  128. NetRange: 205.234.175.0 - 205.234.175.255
  129. CIDR: 205.234.175.0/24
  130. OriginAS:
  131. NetName: CACHENETWORKS-ANYCAST-2
  132. NetHandle: NET-205-234-175-0-1
  133. Parent: NET-205-234-128-0-1
  134. NetType: Reallocated
  135. RegDate: 2004-06-07
  136. Updated: 2004-06-07
  137. Ref: http://whois.arin.net/rest/net/NET-205-234-175-0-1
  138.  
  139. OrgName: CacheNetworks, Inc.
  140. OrgId: CACHE
  141. Address: 209 W Jackson Blvd
  142. Address: Suite 700
  143. City: Chicago
  144. StateProv: IL
  145. PostalCode: 60606
  146. Country: US
  147. RegDate: 2003-03-04
  148. Updated: 2011-02-09
  149. Ref: http://whois.arin.net/rest/org/CACHE
  150.  
  151. OrgTechHandle: DNSSE-ARIN
  152. OrgTechName: DNS Services
  153. OrgTechPhone: +1-877-442-2243
  154. OrgTechEmail: dnsadmin@cachenetworks.com
  155. OrgTechRef: http://whois.arin.net/rest/poc/DNSSE-ARIN
  156.  
  157. RTechHandle: DNSSE-ARIN
  158. RTechName: DNS Services
  159. RTechPhone: +1-877-442-2243
  160. RTechEmail: dnsadmin@cachenetworks.com
  161. RTechRef: http://whois.arin.net/rest/poc/DNSSE-ARIN
  162.  
  163. DNS records
  164. name class type data time to live
  165. hidemyass.cachefly.net IN A 205.234.175.175 3600s (01:00:00)
  166. cachefly.net IN SOA server: ns1.adns.cachefly.net
  167. email: hostmaster.cachefly.net
  168. serial: 1314831603
  169. refresh: 16384
  170. retry: 2048
  171. expire: 1048576
  172. minimum ttl: 2560
  173. 2560s (00:42:40)
  174. cachefly.net IN NS ns1.adns.cachefly.net 86400s (1.00:00:00)
  175. cachefly.net IN NS ns2.adns.cachefly.net 86400s (1.00:00:00)
  176. 175.175.234.205.in-addr.arpa IN PTR vip1.g-anycast1.cachefly.net 46437s (12:53:57)
  177.  
  178. Traceroute
  179. Tracing route to hidemyass.cachefly.net [205.234.175.175]...
  180.  
  181. hop rtt rtt rtt ip address fully qualified domain name
  182. 1 1 1 1 70.84.211.97 61.d3.5446.static.theplanet.com
  183. 2 0 0 0 70.87.254.5 po101.dsr02.dllstx5.networklayer.com
  184. 3 1 0 0 70.85.127.109 po52.dsr02.dllstx3.networklayer.com
  185. 4 0 0 0 70.87.253.29 e5-2.ibr04.dllstx3.networklayer.com
  186. 5 0 0 0 64.208.170.197 gigabitethernet7-3.ar2.dal2.gblx.net
  187. 6 0 0 0 205.234.175.175 vip1.g-anycast1.cachefly.net
  188.  
  189. Trace complete
  190.  
  191. Service scan
  192. FTP - 21 Error: ConnectionRefused
  193. SMTP - 25 Error: ConnectionRefused
  194. HTTP - 80 HTTP/1.1 404 Not Found
  195. Server: CFServ v0530
  196. Date: Wed, 31 Aug 2011 23:04:37 GMT
  197. Content-Type: text/html
  198. Content-Length: 167
  199. Connection: close
  200. X-CF1: fH.ord1:nom:cacheH.ord1-01
  201. POP3 - 110 Error: ConnectionRefused
  202. IMAP - 143 Error: ConnectionRefused
  203.  
  204.  
  205. these faggots deserve to be nuked