The Latest in IT Security

Facebook “You have notifications pending” spam / francese.ru

04
Dec
2012


This fake Facebook spam leads to malware on francese.ru:

Date:      Tue, 4 Dec 2012 03:38:42 +0000
From:      [email protected]
Subject:      You have notifications pending

facebook
Hi,
Here’s some activity you may have missed on Facebook.
SALLIE FELIX has posted statuses, photos and more on Facebook.
Go To Facebook
   
See All Notifications
This message was sent to postinialerts@[redacted]. If you don’t want to receive these emails from Facebook in the future or have your email address used for friend suggestions, please click: unsubscribe.

Facebook, Inc. Attention: Department 415 P.O Box 10005 Palo Alto CA 94303

The malicious payload is at [donotclick]francese.ru:8080/forum/links/column.php  hosted on the following IP addresses:

42.121.116.38 (Aliyun Computing Co, China)
202.180.221.186 (GNet, Mongolia)
203.80.16.81 (MYREN, Malaysia)
208.87.243.131 (Psychz Networks , US)
219.255.134.110 (SK Broadband, Korea)

Plain list for copy-and-pasting:
42.121.116.38
202.180.221.186
203.80.16.81
208.87.243.131
219.255.134.110

Leave a reply


Categories

THURSDAY, MARCH 28, 2024
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments