The Latest in IT Security link leads to malware


Another case of the redirector being used for evil:

From:     Dilip Lalita [email protected]
Date:     14 March 2012 09:38
Subject:     Changes in FDIC policy #22666447
Signed by:

Id 36-4866333-96425034-8-662
< !–KG 19021150 K

HF 22555007 Z leads to  (multihomed, see below) and then to a malicious payload site at (iPower, US). This URL contains an exploit kit.

The intermediate step is hosted on several servers: (Ukrainian American Joint Venture, Ukraine) (VIPnet, Croatia) (ER-Telecom Holding, Russia) (Galitski Telekommunications, Ukraine) (Yokozunanet, Mongolia) (BSNL Internet, India) (Pakistan Telecommunication Company Limited, Pakistan) (TATA Communications, India) (HINET, Taiwan) (Rostelecom, Russia) (Invitel, Hungary) (Kazakhtelecom, Kazakhstan) (Kazakhtelecom, Kazakhstan) (Rostelecom, Russia) (Alice, Italy) (Intersvyaz-2, Russia) (Open Computer Network, Japan) (Reliance Communication, India) (Bharti Airtel, India)  (Kazakhtelecom, Kazakhstan)

This is a plain list for copy-and-pasting:

Leave a reply


TUESDAY, MAY 22, 2018



Latest Comments

Social Networks