[nsp-sec] yahoo malware
Jon Lewis
jlewis at lewis.org
Wed Jul 6 10:19:46 EDT 2011
The zeus bot guy is back.
http://www.federal-taxes-irs[dot]com/taxes-report.pdf.exe
;; QUESTION SECTION:
;www.federal-taxes-irs.com. IN A
;; ANSWER SECTION:
www.federal-taxes-irs.com. 1106 IN CNAME sbsfe.geo.mf0.yahoodns.net.
sbsfe.geo.mf0.yahoodns.net. 206 IN A 98.139.135.22
sbsfe.geo.mf0.yahoodns.net. 206 IN A 98.139.135.21
;; AUTHORITY SECTION:
mf0.yahoodns.net. 172706 IN NS mf3.yahoo.com.
mf0.yahoodns.net. 172706 IN NS mf4.yahoo.com.
mf0.yahoodns.net. 172706 IN NS mf1.yahoo.com.
mf0.yahoodns.net. 172706 IN NS mf2.yahoo.com.
----------------------------------------------------------------------
Jon Lewis, MCP :) | I route
Senior Network Engineer | therefore you are
Atlantic Net |
_________ http://www.lewis.org/~jlewis/pgp for PGP public key_________
More information about the nsp-security
mailing list