[nsp-sec] FW: Eircom issues
Florian Weimer
fweimer at bfk.de
Tue Jul 14 03:23:52 EDT 2009
* Rob Thomas:
> We see HTTP C&Cs hosted on 69.64.147.242 as far back as 2009-04-28
> 06:37:47 UTC and as recently as 2009-05-12 09:30:18 UTC.
This is caused by malware which embeds domain names which have
subsequently been taken over by typosquatters and parked at that
ENOM-hosted service, right?
--
Florian Weimer <fweimer at bfk.de>
BFK edv-consulting GmbH http://www.bfk.de/
Kriegsstraße 100 tel: +49-721-96201-1
D-76133 Karlsruhe fax: +49-721-96201-99
More information about the nsp-security
mailing list