[nsp-sec] buzus infected drones
Carlos Fragoso Mariscal
carlos at fragoso.eu
Thu Jul 30 11:41:55 EDT 2009
Hi,
ACK for AS39551 and AS13041.
> 39551 | 83.247.136.245 | ES | 1248459829 | GENCAT-AS
> Generalitat de Catalunya-AS
> 13041 | 84.88.104.1 | ES | 1248602984 | CESCA-AC CESCA -
> Anella Cientifica RREN Autonomous System
Thank you!
-- Carlos
El 30/07/2009, a las 16:59, Dirk Stander escribió:
> ----------- nsp-security Confidential --------
>
> Hi,
>
> please find attached a summary of ASNs with drones showing signs of
> a buzus infection. The drones downloaded the following files during
> the last two weeks from travelthegreenway.com
> http://www.virustotal.com/analisis/97b454b4bd0fe4389aab386b826e2caccc89f0034701f69071a4ac739420fb87-1248722899
> http://www.virustotal.com/analisis/ed6bc4e5a1a19f4afe35441a07841001fef70e43582022c24eaa04a03f8a1488-1248709108
>
> The complete list (~80MB size, ~1M IPs) is here:
> https://www.cymru.com/nsp-sec/Owned/buzus-distinct.cymru.txt
>
> Format:
> <ASN> | <IP> | <CC> | <epoch last seen> | <AS name>
>
> Format of the summary:
> <nr of IPs> <ASN> | <IP> | <CC> | <AS name>
>
> kind regards, Dirk Stander (1&1) :.
> <buzus-distinct.cymru.summary.txt>
>
> _______________________________________________
> nsp-security mailing list
> nsp-security at puck.nether.net
> https://puck.nether.net/mailman/listinfo/nsp-security
>
> Please do not Forward, CC, or BCC this E-mail outside of the nsp-
> security
> community. Confidentiality is essential for effective Internet
> security counter-measures.
> _______________________________________________
More information about the nsp-security
mailing list