[nsp-sec] [Team-Cymru] Can someone verify this C&C: 208.73.210.28:80
Dave Monnier
dmonnier at cymru.com
Mon Sep 27 21:42:10 EDT 2010
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 9/27/10 7:16 PM, Joel Rosenblatt wrote:
> Hi,
>
> I just got 14 machine pop up on this C&C signature - I took a look at
> the site and it seems to be some kind of dating page - not the classiest
> site I've ever seen, but I don't see it trying anything funny.
>
> Does someone have any more information, before these poor students of
> ours get to reformat their machines.
>
> Thanks,
> Joel
>
> Joel Rosenblatt, Manager Network & Computer Security
> Columbia Information Security Office (CISO)
> Columbia University, 612 W 115th Street, NY, NY 10025 / 212 854 3033
> http://www.columbia.edu/~joel
Hi Joel,
The host was a c&c as recently as this morning. I've removed the host.
Thanks,
- -Dave
- --
Dave Monnier
Team Cymru
https://www.team-cymru.org/
PGP: http://www.cymru.com/dmonnier/0x7C1AAE55_pub.asc
* See our Twitter feed at http://twitter.com/teamcymru
-----BEGIN PGP SIGNATURE-----
iEYEARECAAYFAkyhR/IACgkQ+29txnwarlXh4wCfQbh4bKfoYoVnNlm7l2B/JXsP
w/QAnR7hbQh4Nc/6GrcjgaO01dliV9Rz
=uEEg
-----END PGP SIGNATURE-----
More information about the nsp-security
mailing list