[nsp-sec] Compromised websites

Tue Jul 10 13:41:45 EDT 2012

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 7/10/2012 10:27 AM, Thomas Hungenberg wrote:
> Hi,
> 
> please find below a list of websites that recently have been found
> compromised by Symantec. The attackers uploaded a malicious .htaccess
> to redirect users to sites spreading Trojan.Milicenso.

We'll look into the following:

> 132.216.177.32|macdonaldcampusathletics.mcgill.ca
> 192.77.116.69|www1.chapman.edu
> 147.174.1.28|www2.selu.edu
> 169.227.254.22|mpsfoundation.net (milwaukee.k12.wi.us)
> 169.227.254.22|www.mpsfoundation.net (milwaukee.k12.wi.us)
> 150.134.10.14|people.ysu.edu

Thanks!

Gabe

- --
Gabriel Iovino
Principal Security Engineer, REN-ISAC
http://www.ren-isac.net
24x7 Watch Desk +1(317)278-6630
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)

iEYEARECAAYFAk/8aVcACgkQwqygxIz+pTsYSgCdFsu1uhbsk5V+kryc8VC3azPk
o4gAn21jIUwNUbM7wxkYuDfa59H6IPwY
=IEuN
-----END PGP SIGNATURE-----