Today, I received a strange message from a friend on MSN. Just a link: http://xxxxx.0a8qmz.info where xxxxx was my friend's name. Only the URL, nothing else. That is not normal behaviour for him!
To be safe (you never know what can happen), I opened a fresh browser in a VM and visited the link above. The following login screen was displayed:
Of course, I did not give my MSN information but investigated further.
First, the domain is registered in Panama:
The website is hosted in Hong Kong:
inetnum: 116.50.8.0 - 116.50.15.255
netname: HOSTFRESH
descr: HostFresh
descr: Internet Service Provider
country: HK
admin-c: PL466-AP
tech-c: PL466-AP
status: ALLOCATED PORTABLE
mnt-by: APNIC-HM
mnt-lower: MAINT-HK-HOSTFRESH
mnt-routes: MAINT-HK-HOSTFRESH
remarks: Please send Spam & Abuse report to
remarks: abuse@hostfresh.com
remarks: -+-+-+-+-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-+-+-+
remarks: This object can only be updated by APNIC hostmasters.
remarks: To update this object, please contact APNIC
remarks: hostmasters and include your organisation's account
remarks: name in the subject line.
remarks: -+-+-+-+-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-+-+-+
changed: hm-changed@apnic.net 20070307
source: APNIC
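When you triage a link like this, the WHOIS lookups above (registrar country, hosting network, abuse contact) are the first things you want in a structured form so they can be logged or compared across reports. The following is an added example, not code from the original post: a small parser for the RIR "key: value" record format shown above. The sample record embedded in it is the APNIC object quoted in the post with the decorative remarks lines dropped; the IP address used in the range check is a constructed value chosen inside that inetnum, since the post does not give the site's actual address.

```python
import ipaddress
import re

# Constructed sample: the APNIC inetnum record quoted in the post, one
# "key: value" pair per line, decorative remarks omitted.
SAMPLE_WHOIS = """\
inetnum: 116.50.8.0 - 116.50.15.255
netname: HOSTFRESH
descr: HostFresh
descr: Internet Service Provider
country: HK
admin-c: PL466-AP
tech-c: PL466-AP
status: ALLOCATED PORTABLE
mnt-by: APNIC-HM
mnt-lower: MAINT-HK-HOSTFRESH
mnt-routes: MAINT-HK-HOSTFRESH
remarks: Please send Spam & Abuse report to
remarks: abuse@hostfresh.com
changed: hm-changed@apnic.net 20070307
source: APNIC
"""

EMAIL_RE = re.compile(r"[\w.+-]+@[\w-]+(?:\.[\w-]+)+")


def parse_whois(text):
    """Parse an RIR-style record into {key: [value, ...]}.

    Keys such as descr and remarks legitimately repeat, so every key maps
    to a list in the order the lines appeared. Comment lines (% or #) and
    blank separators are skipped.
    """
    record = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(("%", "#")):
            continue
        key, sep, value = line.partition(":")
        if not sep:
            continue  # not a key: value line, ignore
        record.setdefault(key.strip().lower(), []).append(value.strip())
    return record


def first(record, key):
    """First value for a key, or None if the key is absent."""
    values = record.get(key)
    return values[0] if values else None


def abuse_contacts(record):
    """E-mail addresses found in remarks (where older APNIC objects put the
    abuse mailbox) and in any abuse-mailbox attribute."""
    found = []
    for line in record.get("remarks", []) + record.get("abuse-mailbox", []):
        found.extend(EMAIL_RE.findall(line))
    return found


def ip_in_inetnum(ip, inetnum):
    """True if ip lies inside an 'a.b.c.d - w.x.y.z' inetnum range."""
    start, _, end = inetnum.partition("-")
    lo = ipaddress.ip_address(start.strip())
    hi = ipaddress.ip_address(end.strip())
    return lo <= ipaddress.ip_address(ip) <= hi


def summarize(text):
    """The fields an analyst wants from a hosting lookup, as one dict."""
    record = parse_whois(text)
    return {
        "inetnum": first(record, "inetnum"),
        "netname": first(record, "netname"),
        "country": first(record, "country"),
        "abuse": abuse_contacts(record),
    }


if __name__ == "__main__":
    summary = summarize(SAMPLE_WHOIS)
    print(summary)
    # Constructed address inside the quoted range, for the range check.
    print(ip_in_inetnum("116.50.9.1", summary["inetnum"]))
```

The abuse address is the useful output here: it is the mailbox an abuse report about the phishing site would go to, and the parser keeps it separate from the admin-c/tech-c handles, which are only references to other WHOIS objects.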
The login page contained an HTML form which posted to "login.php". I tried several username/password pairs and finally tested with a "dummy" account. Once successfully logged in, you are redirected to PerfSpot, a social networking site (unknown to me). What happened with the MSN credentials I provided? No idea! I suppose the site logs in to the supplied account, grabs the contact list and sends every contact the same message I received today. Take care anyway!
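The pattern that gave the message away is simple enough to turn into a rule for a chat gateway or a message log: a message consisting of nothing but a URL, whose hostname starts with the sender's own name. The following is an added example, not code from the original post; the sender names and messages in it are constructed, and the rule is a coarse heuristic that should feed a review queue rather than block on its own.

```python
import re
from urllib.parse import urlsplit

# Matches a message that is a single http(s) URL and nothing else.
BARE_URL_RE = re.compile(r"https?://\S+", re.IGNORECASE)


def suspicious_bare_link(sender, message):
    """Heuristic from the post: flag a message that is only a URL and whose
    hostname's first label equals the sender's name (e.g. alice.example.info
    sent by 'alice'). Returns the hostname when flagged, else None."""
    text = message.strip()
    if not BARE_URL_RE.fullmatch(text):
        return None  # there is other text, or no URL at all
    host = urlsplit(text).hostname or ""
    labels = host.split(".")
    # Need at least name.domain.tld, with the name label matching the sender.
    if len(labels) >= 3 and labels[0] == sender.strip().lower():
        return host
    return None


# Constructed chat log: (sender, message). Only the first line follows the
# pattern described in the post.
CONSTRUCTED_LOG = [
    ("alice", "http://alice.0a8qmz.info"),
    ("alice", "hey, have a look at http://alice.0a8qmz.info"),
    ("bob", "http://www.example.org/"),
    ("carol", "see you tomorrow"),
]


def scan_log(log):
    """Return [(sender, hostname)] for every message the heuristic flags."""
    hits = []
    for sender, message in log:
        host = suspicious_bare_link(sender, message)
        if host:
            hits.append((sender, host))
    return hits


if __name__ == "__main__":
    for sender, host in scan_log(CONSTRUCTED_LOG):
        print(f"review: {sender} sent a bare link to {host}")
```

The second log line is deliberately not flagged: once there is surrounding text the rule no longer fits, and widening it to any URL containing the sender's name would flag ordinary profile links. Keeping the rule narrow keeps the review queue short.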
Hello, I am a student from Kirkbie Kendal School and I am doing a course in AIDA (award in digital appliances) and I would appreciate it if you would let me use your MSN logo which is in your website.
Thanks
Yours Sincerely
Andrew Crowdy
I also got the same link from some contacts and investigated it as well. When I analyzed the initial site, it was also funny to notice that the attackers use Google Analytics to get information on how well their site is performing 🙂