Medfos sites to block 31/5/13

The following domains and IPs are currently being used as C&C servers by the Medfos family of trojans (this one in particular):

84.32.116.110
85.25.132.55
173.224.210.244
184.82.62.16
188.95.48.152
ehistats.su
emstats.su
ieguards.su
iestats.cc
inetprotections.su
iprotections.su
netprotections.cc
sysinfo.cc
sysinfonet.cc
westats.cc

The hosts involved are:
84.32.116.110 (LIX Solutions, Lithunia

Read More

NewEgg.com spam / 174.140.171.233

This fake NewEgg.com spam leads to malware on 174.140.171.233:


Date:      Thu, 30 May 2013 16:06:12 +0000 [12:06:12 EDT]From:      Newegg [info@newegg.com]Subject:      Newegg.com - Payment  ChargedNewegg logo     My Account     My Account |     Customer Services     Customer Services�Twitter     Twitter     You Tube     You Tube     Facebook     Facebook     Myspace     Myspaceclick to

Read More

ADP spam / 4rentconnecticut.com and 174.140.171.233

These fake ADP spams lead to malware on 4rentconnecticut.com:


Date:      Thu, 30 May 2013 12:41:28 -0500 [13:41:28 EDT]
From:      "ADPClientServices@adp.com" [ADPClientServices@adp.com]
Subject:      ADP Funding Notification - Debit Draft

Your Transaction Report(s) have been uploaded to the web site:

https://www.flexdirect.adp.com/client/login.aspx

Please note that your bank account will

Read More

Al Rowaad Advocates - scumbag, spammy lawyers

This scumbag law firm from the UAE advertises itself through spam.


From:     Professional Lawyers in the UAE [uaelawyers@gmx.com]Reply-To:     uaelawyers@gmx.comDate:     30 May 2013 18:52Subject:     Al Rowaad Advocates - Monthly Newsletter - May 2013Dear Sirs,Please forgive our direct email which is intended to give a brief introduction to our law firm based in the United Arab Emirates.Al

Read More

Amazon.com 55 inch TV spam / ozonatorz.com

This earlier spam run about various brands of 55 inch TVs from Amazon has been updated and is now directing victims to a malware landing page on the domain ozonatorz.com:

Subscribe to: Posts (Atom)