[nsp-sec] fyi: ogard irc c&c

Beasley, Cam cam at infosec.utexas.edu
Sun Feb 22 14:38:26 EST 2009

Previous message: [nsp-sec] 2009-02-22 Daily Reports
Next message: [nsp-sec] fyi: ogard irc c&c
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

fyi, we've seen a few compromised computer lab systems being controlled by
the following:

 85.214.63.121:6667
 174.34.156.216:6667
 174.34.132.203:6667
 92.243.4.222:5900

~5000 systems in this botnet last time i checked..

in our case, these machines were being popt via an infected USB thumb drive
(ongard.exe) that was being passed around by students in the lab..

~cam.

Previous message: [nsp-sec] 2009-02-22 Daily Reports
Next message: [nsp-sec] fyi: ogard irc c&c
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the nsp-security mailing list