[nsp-sec] ACK 174 RE: Compromised websites
Shelton, Steve
sshelton at Cogentco.com
Tue Jul 10 10:38:44 EDT 2012
Hello,
ACK for AS174, thanks! Will do some clean up and proxy for a few more ASN's.
Steve Shelton
Security Engineer
Cogent Communications
-----Original Message-----
From: nsp-security-bounces at puck.nether.net [mailto:nsp-security-bounces at puck.nether.net] On Behalf Of Thomas Hungenberg
Sent: Tuesday, July 10, 2012 10:27 AM
To: nsp-sec
Subject: [nsp-sec] Compromised websites
----------- nsp-security Confidential --------
Hi,
please find below a list of websites that recently have been found compromised by Symantec.
The attackers uploaded a malicious .htaccess to redirect users to sites spreading Trojan.Milicenso.
See this report for more information:
http://www.symantec.com/connect/blogs/trojanmilicenso-infection-through-htaccess-redirection
Format: ASN | CC | IP | hostname | AS name
174 | ES | 80.91.80.23 | ava.aceimar.com | COGENT Cogent/PSI
174 | ES | 80.91.89.53 | legamania.com | COGENT Cogent/PSI
174 | ES | 80.91.89.53 | www.fotomontajemadrid.es | COGENT Cogent/PSI
174 | ES | 80.91.89.53 | www.legamania.es | COGENT Cogent/PSI
174 | ES | 80.91.89.53 | www.luciasecasa.com | COGENT Cogent/PSI
174 | GB | 188.64.188.121 | www.49inkerman.co.uk | COGENT Cogent/PSI
174 | US | 38.110.76.20 | irtciac.com | COGENT Cogent/PSI
174 | US | 74.220.18.121 | www.guayasaminschool.com | COGENT Cogent/PSI
- Thomas
CERT-Bund Incident Response & Anti-Malware Team
_______________________________________________
nsp-security mailing list
nsp-security at puck.nether.net
https://puck.nether.net/mailman/listinfo/nsp-security
Please do not Forward, CC, or BCC this E-mail outside of the nsp-security
community. Confidentiality is essential for effective Internet security counter-measures.
_______________________________________________
More information about the nsp-security
mailing list