The Latest in IT Security

Intuit.com spam / migdaliasbistro.net and 213.179.193.132

02
Mar
2012

The past couple of days have seen a lot of identical “Intuit.com” spam runs. Another one is starting up today with a malicious payload on migdaliasbistro.net hosted on 213.179.193.132 (Solidhost, Netherlands) and 41.64.21.71 (Dynamic ADSL, Egypt)

In particular, malware can be found at:
migdaliasbistro.net/main.php?page=4f7249b62ef4f934
migdaliasbistro.net/content/ap2.php?f=86cd2

There’s a Wepawet report here.

There are several potentially malicious sites on this server. Blocking the IP address should protect against other evil domains:
perikanzas.com
abc-spain.net
migdaliasbistro.net
twistedtarts.net

Leave a reply


Categories

THURSDAY, DECEMBER 14, 2017

Featured

Archives

Latest Comments

Social Networks