[nsp-sec] List of compromised devices from MS08-067
Rob Thomas
robt at cymru.com
Mon Oct 27 18:03:11 EDT 2008
Hey, Don.
> Rob, was summertime.1gokurimu.com and perlbody.t35.com distributing the malware or collecting the list of infected systems?
According to Jason Kendall, those aren't malware sites but rather
commands to log those hosts that "check-in" to those URLs.
Thanks,
Rob.
--
Rob Thomas
Team Cymru
http://www.team-cymru.org/
cmn_err(CEO_PANIC, "Out of coffee!");
More information about the nsp-security
mailing list