New
#1
The Nirsoft iceberg
Due to another topic about reg cleaners, i went to one Website for a utility that i have used for quite some time and decided to do some investigative work. i generally try to validate software before i run it using social engineering techniques which i don't think is the right term here but we will go with that.
I then go through the course of preemptive checking the application using several methods before it even running it. I then watch what the app is doing using several methods to make sure its not doing anything weird.
I know i would of checked this app prior to using it but this was years ago and once i deem something ok to use i never have to scrutinize it again unless it shows me reason to do so.
I know long winded but the build up, has anyone known? or is it known? or what do you know about Nirsoft? is there an Iceberg here?
Registry Cleaner Software Downloads at RegSofts.com
^ The domain for the app i am talking about. But the Domain is also connected to many others exactly how many i have no idea because its designed in a way where you are like finding Easter eggs on a hunt. One thing that gave it away was when i analyzed an alternate mirror i trimmed the link down to just the base domain and then found that the mirror is another site hosting more software. But one thing i noticed is that the mirror is using the same sort of styling in its theme, like the download icons where the exact same.
Whois regsofts.com
Whois eusing.com
Whois cleanersoft.com
Whois itusoft.com
I am sure there is potentially a lot more domains than this tbh but you have to go through each site and find them.
Whois nirsoft.net
If you compare the information to Nirsoft they are held by the same registrar service and also the same Registrant which could be coincidence but also could be a real sign.
Yes this info can be faked but its not wise to do so because you can be revoked. ICANN is the authority on domains and it strives to keep them informatively correct. I think also the fact that these domains are 20 years old some of them and other are over 10 - 15 years old. I think this means loosley that they are not scam domains, it also places them around the same age as Nirsoft.
You can also see that there is redacted information for privacy reasons which is fine to do but is usually a paid feature through a domain service. So a hacker or scam site probably not going that far.
I have seen some of these domains in the past but never put 2 and 2 together.
IDK seems like an iceberg to me and each domain has software that is not on any of the others. i pulled a couple of apps of some of these just now just to VT them to further paint a picture and they came up clean.
If anyone knows anything else or works out info then please share that. The blurb on Nirsoft's website could also be a parable so it could be some truth but also an alias.
Also notice how the term "soft" is a common term in the some of the domains.
Last edited by Malneb; 12 Apr 2024 at 06:31.