[nsp-sec] Compromised hosts with Torpig
Klaus Moeller
moeller at dfn-cert.de
Mon Feb 23 11:00:08 EST 2009
Am Freitag, 20. Februar 2009 17:32:35 schrieb Florian Weimer:
> The following is a list of hosts which have very likely been infected
> with Torpig, based on POST requests to certain Torpig-specific
> domains. Torpig offers a sophisticated browser injection engine and
> is used for manipulating web-based transaction systems.
ACK AS 553, 680, 29484
Best regards,
Klaus Möller, DFN-CERT
--
Dipl. Inform. Klaus Moeller (Incident Response Team)
Phone: +49 40 808077-555, Fax: +49 40 808077-556
DFN-CERT Services GmbH, https://www.dfn-cert.de, Phone +49 40 808077-555
Sitz / Register: Hamburg, AG Hamburg, HRB 88805, Ust-IdNr.: DE 232129737
Sachsenstrase 5, 20097 Hamburg/Germany, CEO: Dr. Klaus-Peter Kossakowski
16. DFN-Workshop Sicherheit in vernetzten Systemen
https://www.dfn-cert.de/ws2009/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 486 bytes
Desc: This is a digitally signed message part.
URL: <https://puck.nether.net/mailman/private/nsp-security/attachments/20090223/6f44c6c8/attachment-0001.sig>
More information about the nsp-security
mailing list