[nsp-sec] Compromised websites
Dirk Stander
dst+nsp-sec at glaskugel.org
Tue Jan 25 08:28:30 EST 2011
.: Thomas Hungenberg (Tue, Jan 25, 2011 at 01:33:34PM +0100)
> please find below a list of compromised websites that have (or recently had)
> an IFRAME pointing to <hXXp://80.91.191.158/stats/priemIframe.php?part=...> injected.
Thanks and ACK 8560 15418 15456
Btw: the iframe injections came (via compromised FTP credentials)
from 88.198.24.185
cheers, Dirk Stander (1&1 Internet AG) :.
More information about the nsp-security
mailing list