This spam leads to malware on aseniakrol.ru:Date: Tue, 11 Dec 2012 10:46:43 -0300The malicious payload is at [donotclick]aseniakrol.ru:8080/forum/links/column.php hosted on a bunch of IPs that have been used for malware before:
From: Tarra Comer via LinkedIn [member@linkedin.com]
Subject: Re: Your Changelog UPDATED
Hi,
as promised your changelog - View
I. Easley
202.180.221.186 (GNet, Mongolia)
212.162.52.180 (Secure Netz, Germany)
212.162.56.210 (Secure Netz, Germany)
No comments:
Post a Comment