[nsp-sec] again: compromised websites (torpig)
Huopio Kauto
Kauto.Huopio at ficora.fi
Wed May 13 10:47:56 EDT 2009
Ack on the following - will forward data anonymised to relevant hosting
providers.
Note there is a slight misprint... the correct infected masasoft URL
ends with index.php, not .phppagemotti
15527 | 81.209.15.2 | FI | netikka.net 1241833591 1
http://www.netikka.net/lasse/Alkusivu2.htm | VLP-VLT Autonomous System
16044 | 62.73.58.157 | FI | masasoft.com 1241212563 1
http://www.masasoft.com/index.phppagemotti | AURIA Auria Oy
29422 | 217.149.52.2 | FI | twargh.com 1241687315 1
http://www.twargh.com/ | NBLNETWORKS-AS Nebula Oy Autonomous System
--Kauto
Kauto Huopio - kauto.huopio at ficora.fi
Senior information security adviser
Finnish Communications Regulatory Authority / CERT-FI
tel. +358-9-6966772, fax +358-9-6966515, mobile +358-50-5826131
CERT-FI watch desk daytime: +358-9-6966510 / http://www.cert.fi
More information about the nsp-security
mailing list