“Your Changelog UPDATED” / cjredret.ru

29

Dec

2011

Another spam, another “redret” domain. This time the spam is a “changelog” one, the malicious payload is on cjredret.ru/main.php.

Date:     Thu, 29 Dec 2011 07:59:51 +0200
From:     accounting@victimdomain.com
Subject:     Re: Fwd: Your Changelog UPDATED

Hello,

as promised chnglog updated -: View Changelog

Carey CATHERINE

The site is hosted on 91.222.137.170 (Delta-X, Ukraine), the same IP address as yesterday. If you don’t have any reason to send traffic to the Ukraine, blocking access to 91.222.136.0/22 might be prudent.

Tags: accounting changelog Delta ip malicious payload ru Spam Traffic ukraine

Written by Dynamoo's Blog

0 Comments

Archives

Archives

About Us

Our mission is to help users and also IT security passionate to reach relevant information related to cyber security.

This publication contains a lot of information and guidance on how to better protect your IT systems, data and activities from malicious factors, and also on how to safely navigate the Internet.

We look forward to hearing from you about cyber safety. Please let us know if there’s something specific you’re interested in learning about.

Contact Us

Name *
Your name is required

E-mail *
Email address entered is invalid

Please enter a message

Incorrect security code

The Latest in IT Security

“Your Changelog UPDATED” / cjredret.ru

Categories

Featured

Archives

Latest Comments

About Us

Contact Us