The Latest in IT Security

dfrgcc.com injection attack in progress

23
Sep
2011

Thousands of sites are currently being hit by an injection attack pointing to dfrgcc.com/ur.php a domain registered to someone using the infamous hotmailbox.com domain for email.

   JamesNorthone
   James Northone [email protected]
   +1.5168222749 fax: +1.5168222749
   128 Lynn Court
   Plainview NY 11803
   us
The site is hosted on 188.229.88.103 which is the equally infamous Netserv Consult SRL in Romania. 188.229.88.103 hosts the following sites:

bookfula.com
bookgusa.com
bookmonn.com
bookmono.com
booknunu.com
bookvila.com
bookzula.com
dfrgcc.com
file-dl.com
xxxtubes8.com

These domains are pretty familiar, having previously been hosted in Lithuania. This marks them out as the same people behind the infamous LizaMoon attack.

Netserv Consult SRL host a wide variety of bad sites. Blocking 188.229.0.0/17 (188.229.0.0 – 188.229.127.255) will probably do you no harm.

Leave a reply


Categories

SATURDAY, SEPTEMBER 21, 2019
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments

Social Networks