[nsp-sec] ATTN AS 12553 malware hosting

Mike Tancsa mike at sentex.net
Wed Apr 8 14:56:56 EDT 2009


At 12:20 PM 4/8/2009, Mike Tancsa wrote:

>I also found a PDF with more embedded JavaScript as well as a Flash 
>file that it sends to the visitor.  None of my AV scanners see 
>anything wrong with them.  If anyone is interested in passing the 
>files on, they can be found at
>http://www.tancsa.com/94.247.2.195.zip

One last note: the compromise came from 69.46.24.231 (02:30 GMT) 
today, April 8th.

% whois -h whois.cymru.com 69.46.24.231
AS      | IP               | AS Name
29802   | 69.46.24.231     | HVC-AS - HIVELOCITY VENTURES CORP

         ---Mike 



