[nsp-sec] DDoS target intel/info request.
Rob Thomas
robt at cymru.com
Mon Dec 19 16:32:42 EST 2011
Hey, Scott.
> The target is: https://invest.etrade.com.au
We see the C&C at 195.3.147.30 hitting it with what appears to be a HTTP
flood. You'll find the C&C URL here:
h x x p : / / sadasdnwqjrrww.net / 887 / index.php
It appears the most recent attack was on or about 2011-12-19 19:54:30 UTC.
Thanks,
Rob.
--
Rob Thomas
Team Cymru
https://www.team-cymru.org/
"Say little and do much." M Avot 1:15
More information about the nsp-security
mailing list