More NACHA spam, this time pointing to cgredret.ru (which we’ve seen before) which delivers a malicious payload.
Date: Thu, 22 Dec 2011 03:37:35 +0530
To: [email protected]
Subject: ACH Transfer rejected
ACH transaction, initiated from your checking account, was canceled.
Transfer ID: B2793447923US
Transfer Report: View
NACHA – The Electronic Payment Association
cgredret.ru has moved since yesterday and is now on 126.96.36.199. Unsurprisingly, it is now on Digital Network JSC in Russia (aka DINETHOSTING). Block access to 188.8.131.52/20 if you can.
Leave a reply