Russia | DataProtectionCenter.com

All Carberp botnet organizers arrested

02

Jul

2012

We have been tracking the Carberp cybercrime group’s activity for three years now. Tracking started in 2009 with the first samples of the Carberp malcious software seen in the wild. By the beginning of 2010 the second wave of Carberp activity had forced out other banking malware families (Win32/Spy.Shiz, Win32/Hodprot) in Russia. We summarized the […]

Category General Written by ESET ThreatBlog 0 Comments

“Your Flight Order ?994284” / saprolaunimaxim.ru

12

Jun

2012

This fake flight email leads to malware on saprolaunimaxim.ru. From: Simonne Storey [sandy@krishermckay.com] Subject: Your Flight Order ?994284 Dear Customer, FLIGHT NUMBER A45-342 DATE & TIME / JUNE 27, 2012, 10:140 PM ARRIVING: NEW YORK JFK TOTAL PRICE : 456.62 USD Please download and print out your ticket here: DOWNLOAD Amercian Airlines{br[1-5]} The link hoes […]

Category Security Written by Dynamoo's Blog 0 Comments

partyysoon.info injection attack in progress

12

Jun

2012

I haven’t had much time to analyse this yet, but there seems to be some sort of injection attack using the domain partyysoon.info. It may be targeting sites in Sweden. Malicious URLs (don’t click these, obviously): hxxp:||partyysoon.info/index.php hxxp:||partyysoon.info/js_pa/F.class hxxp:||partyysoon.info/Set.jar hxxp:||gotchasworkspaces.in/duquduqu1/font.php hxxp:||beards.christianmomsgetaways.com/index.php?p=b2e04035f7b91e43 These IPs and domains are all related to the attack: 5.10.65.142 (Spinor J Ltd […]

Category Security Written by Dynamoo's Blog 0 Comments

The Latest in IT Security

Posts Tagged ‘Russia’

“Your Flight Order ?994284” / saprolaunimaxim.ru

partyysoon.info injection attack in progress

Categories

Featured

Archives

Latest Comments

About Us

Contact Us