[nsp-sec] ATT Bell - ACK
White, Gerard
Gerard.White at bellaliant.ca
Wed Sep 2 04:13:19 EDT 2009
Thanks Zane.
FWIW, the same FF Botnet is also being used to phish "Alliance &
Leicester" and deliver a piece of malware to targeted folks who really,
really like looking at pictures :)
See:
hxxp:/ /www.mybank.alliance-leicester304.com /
and
hxxp:/ /my-pictures-downloads.com /
Where you too can pick up a copy of 70ce52ace5521e851aca44173a07aeb5:
http://www.virustotal.com/analisis/9d7766dc923d2649e8d2053c99ccf4ce5cbad
a10afdeda2082b9a6f919e67dc4-1251877614
GW
855 - Bell Aliant
-----Original Message-----
From: nsp-security-bounces at puck.nether.net
[mailto:nsp-security-bounces at puck.nether.net] On Behalf Of Zane Jarvis
Sent: Wednesday, September 02, 2009 2:38 AM
To: NSP nsp-security
Subject: [nsp-sec] ATT Bell
----------- nsp-security Confidential --------
Hi,
Fastflux URL being used in a phish against you.
hxxp:// Bell.ca.upgrade-accounts.com /home/index.htm
We've sent a domain dereg but you may wish to follow up.
Regards,
Zane.
---
Zane Jarvis, Computer Security Analyst | Hotline: +61 7 3365 4417
AusCERT, Australia's national CERT | Fax: +61 7 3365 7031
The University of Queensland | WWW: www.auscert.org.au
QLD 4072 Australia | Email:
auscert at auscert.org.au
_______________________________________________
nsp-security mailing list
nsp-security at puck.nether.net
https://puck.nether.net/mailman/listinfo/nsp-security
Please do not Forward, CC, or BCC this E-mail outside of the
nsp-security
community. Confidentiality is essential for effective Internet security
counter-measures.
_______________________________________________
More information about the nsp-security
mailing list