[nsp-sec] Twitter under attack?
Shelton, Steve
sshelton at Cogentco.com
Thu Aug 6 12:46:03 EDT 2009
Guy's
Some of the spammed urls including Facebook and Youtube that were seen
here were which suggest the list of victims may be larger than just a
few sites.
Depicted as mail source | spammed URL:
83.9.162.247 | www1.abkhaziya.net
201.50.29.50 | facebook.com/cyxymu
79.178.199.67 | cyxymu1.livejournal.com
189.31.187.42 | youtube.com/Cyxymu
Steve Shelton
Network Security Engineer
Cogent Communications
-----Original Message-----
From: nsp-security-bounces at puck.nether.net
[mailto:nsp-security-bounces at puck.nether.net] On Behalf Of Scott A.
McIntyre
Sent: Thursday, August 06, 2009 9:50 AM
To: David Freedman
Cc: nsp-security at puck.nether.net
Subject: Re: [nsp-sec] Twitter under attack?
----------- nsp-security Confidential --------
On Aug 6, 2009, at 16:56 , David Freedman wrote:
> ----------- nsp-security Confidential --------
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> "Ongoing denial-of-service attack 6 minutes ago
> We are defending against a denial-of-service attack, and will update
> status again shortly." - http://status.twitter.com
>
> Anybody have contacts there who may need our help?
At the time this started I noticed a large flood of emails through our
network which were like:
---
Helo.
Visit my blog!
hxxp:// twitter .com/cyxymu
Thanks for looking my Blog.
---
Regards
mailto:cyxymu at gmail.com
---
Spaces added by me. Also seen:
---
hi.
Important message: Watch for ya!
hxxp:// cyxymu1. livejournal.com
Thanks for looking my Blog.
---
Regards
mailto:cyxymu at gmail.com
---
Maybe a coincidence, maybe not. I see a lot of 80/tcp syn and 443/tcp
syn heading there, but I have no idea if that's normal and just due to
Twits not being able to talk to the mothership or what...
Scott A. McIntyre
XS4ALL
_______________________________________________
nsp-security mailing list
nsp-security at puck.nether.net
https://puck.nether.net/mailman/listinfo/nsp-security
Please do not Forward, CC, or BCC this E-mail outside of the
nsp-security
community. Confidentiality is essential for effective Internet security
counter-measures.
_______________________________________________
More information about the nsp-security
mailing list