[nsp-sec] compromised websites (ZeuS drive-by downloads)
SURFcert - Peter
p.g.m.peters at utwente.nl
Tue Apr 28 10:55:09 EDT 2009
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Dirk Stander wrote on 28-4-2009 16:52:
> .: SURFcert - Peter (Tue, Apr 28, 2009 at 04:19:11PM +0200)
>> We have had a report dated April 24 regarding this site. It was resolved
>> that same day. Could this be that incident or is this one from a later date?
>
> Hi Peter,
>
> this could be the same incident -- first signs of the redirected traffic
> have been seen at ~ 23/Apr/2009:02:01:38 UTC
Then we have an ACK for AS1103. We received the report at or around
05:36 UTC and resolved it before 14:48.
- --
Peter Peters
SURFcert Officer off Duty
cert at surfnet.nl http://cert.surfnet.nl/
office-hours: +31 302 305 305 emergency (24/7): +31 622 923 564
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFJ9xjMelLo80lrIdIRAvejAJsGnFwRdi/S/2SEbgMCc/aiX1YJJACgo2UM
d/fBgKM/LAlyJDl9VLZ32Ew=
=uraj
-----END PGP SIGNATURE-----
More information about the nsp-security
mailing list