[nsp-sec] Koobface C&Cs
Thomas Hungenberg
th.lab at hungenberg.net
Thu Sep 17 09:18:22 EDT 2009
Please find attached a list of additional Koobface controllers seen.
- Thomas
CERT-Bund Incident Response & Anti-Malware Team
Thomas Hungenberg schrieb:
> ----------- nsp-security Confidential --------
>
>
>
> ------------------------------------------------------------------------
>
>
> Forwarded to nsp-sec with permission from Morten:
>
> ----------------------------------------------------------------
> Hi all,
>
> I've attached a list of urls that setup.exe/ld14.exe phones home to
> (POST /.sys/?action=ldgen&v=14).
>
> All hosts were confirmed active few minutes ago.
>
>
> Best regards,
> Morten
> ----------------------------------------------------------------
>
> Format: ASN | CC | IP | Koobface C&C URL
>
>
> - Thomas
>
> CERT-Bund Incident Response & Anti-Malware Team
>
>
>
> ------------------------------------------------------------------------
>
>
>
> _______________________________________________
> nsp-security mailing list
> nsp-security at puck.nether.net
> https://puck.nether.net/mailman/listinfo/nsp-security
>
> Please do not Forward, CC, or BCC this E-mail outside of the nsp-security
> community. Confidentiality is essential for effective Internet security counter-measures.
> _______________________________________________
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: koobface_new.txt
URL: <https://puck.nether.net/mailman/private/nsp-security/attachments/20090917/c64cef41/attachment-0001.txt>
More information about the nsp-security
mailing list