[nsp-sec] ACK4589 again: compromised websites (torpig)
Robert Kiessling
robert at josebus.org
Thu May 14 04:54:11 EDT 2009
ACK 4589; cleaned & forwarded
Robert
Dirk Stander wrote:
> ----------- nsp-security Confidential --------
>
>
>
> ------------------------------------------------------------------------
>
> Hi,
>
> please find attached a list of websites with injected javascript
> pointing to various mebroot/torpig infection domains. There
> should be no intersections with yesterdays list.
>
> I'm relaying this to nsp-sec by courtesey of the Computer Security
> Group at the University of California at Santa Barbara.
>
> The format is:
> <ASN> | <IP> | <CC> | <normalized domain> <epoch first seen> <uniq IPs> <sample URI> | <AS name>
>
> with kind regards, Dirk Stander (1&1) :.
>
>
> ------------------------------------------------------------------------
>
>
>
> _______________________________________________
> nsp-security mailing list
> nsp-security at puck.nether.net
> https://puck.nether.net/mailman/listinfo/nsp-security
>
> Please do not Forward, CC, or BCC this E-mail outside of the nsp-security
> community. Confidentiality is essential for effective Internet security counter-measures.
> _______________________________________________
More information about the nsp-security
mailing list