[nsp-sec] Large mirai-variant - null routing and cleanup requested
RuthAnne Bevier
ruthanne at caltech.edu
Tue Dec 5 20:14:25 EST 2017
On Tue, Dec 05, 2017 at 05:06:20PM -0800, Barry Greene wrote:
> > On Dec 5, 2017, at 4:52 PM, Benjamin, Mike <Mike.Benjamin at centurylink.com> wrote:
> >
> > Due to the swift nature this botnet was built and its large size we've decided to pre-emptively null route the C2 hosted at 95.211.123[.]69. This null route is active in AS3356, 209 and 3549.
>
> If you can, please Ack to the list when you Null route.
Null routed at AS31.
--RuthAnne
--
RuthAnne Bevier
Chief Information Security Officer
California Institute of Technology
626 395 2671
More information about the nsp-security
mailing list