There are several variants of the spam, but they are all very similar and look something like this:
Date: Sun, 23 Dec 2012 14:26:32 +0530I suspect that there is more malicious activity in the 46.249.42.0/24 range and blocking access to it would be a very good thing to do.
From: "Secure.Message"
Subject: Alert: New message
Click here to view the online version.
Hello [redacted],
You have 4 new messages.
Read now
� Copyright 2012 SecureMessage. All rights reserved.
If you would like to update your profile or unsubscribe, please click here.
PLEASE DO NOT REPLY TO THIS MESSAGE.
If you require Technical Support, please check Support Center for information.
These are the malicious domains that I can currently identify on those IPs:
46.249.42.161
new-dating-2010.asia
bestdating-2010.asia
datingcool-2010.asia
great-dating2010.asia
freshdating2010.asia
moderndating2010.asia
newmeeting2010.asia
newdatingafter2010.asia
datingbest2010.asia
datingcool2011.asia
datingbest2011.asia
site-dating-2012.asia
great-dating-2012.asia
best-dating-2012.asia
greatdating-2012.asia
newdatingworld2012.asia
site-dating2012.asia
great-dating2012.asia
best-dating2012.asia
freshdating2012.asia
cooldating2012.asia
moderndating2012.asia
greatdating2012.asia
bestdating2012.asia
latestdating2012.asia
newmeeting2012.asia
datingcool2012.asia
newdatingafter2012.asia
datingbest2012.asia
dating-2013.asia
new-dating2013.asia
x-dating2013.asia
my-dating2013.asia
mydating2013.asia
matic.asia
puzdoc.asia
cattified.asia
feebled.asia
jugated.asia
collected.asia
urrected.asia
bested.asia
mail.bested.asia
www.bested.asia
huckleland.asia
softlywood.asia
offiable.asia
quisible.asia
juggle.asia
tactiate.asia
evasive.asia
braging.asia
coppinging.asia
dishing.asia
skylarking.asia
fooling.asia
banning.asia
honing.asia
appearing.asia
undering.asia
muleteering.asia
mail.muleteering.asia
www.muleteering.asia
genering.asia
abjecting.asia
concreting.asia
comfiting.asia
retorting.asia
overcasting.asia
pacesetting.asia
purveying.asia
kenlying.asia
opennessman.asia
legmen.asia
worsen.asia
disten.asia
lusion.asia
firmation.asia
audration.asia
putation.asia
sequestion.asia
outgo.asia
irrito.asia
gentleship.asia
fastender.asia
linger.asia
rapier.asia
emulsier.asia
safekeeper.asia
sourer.asia
bosser.asia
dencies.asia
in-fies.asia
infies.asia
topinfies.asia
superinfies.asia
terlies.asia
mities.asia
mail.mities.asia
www.mities.asia
mangles.asia
wangles.asia
samenesses.asia
pyxes.asia
lickings.asia
versionless.asia
deodorless.asia
pulsiveness.asia
centiveness.asia
infiesdirekt.asia
infiessofort.asia
initialist.asia
malcy.asia
belably.asia
whimsibly.asia
spacingly.asia
eningly.asia
toningly.asia
campingly.asia
wimpingly.asia
gueringly.asia
playingly.asia
monly.asia
distantly.asia
grottory.asia
eagerry.asia
mail.eagerry.asia
www.eagerry.asia
tipsy.asia
fresh-dating-2010.info
new-dating-2010.info
greatdating-2010.info
bestdating-2010.info
datingcool-2010.info
datingbest-2010.info
site-dating2010.info
great-dating2010.info
best-dating2010.info
sitedating2010.info
fresh-dating-2013.ru
new-dating-2013.ru
greatdating-2013.ru
bestdating-2013.ru
datingcool-2013.ru
datingbest-2013.ru
site-dating2013.ru
great-dating2013.ru
best-dating2013.ru
sitedating2013.ru
46.249.42.168
stelspendingswow.name
siteswillsrockf.com
moniretsstates.info
stelspendingswow.info
monicats5b.net
siteswillsrockf.net
audiodevelop.net
organizationmeens.net
libstringnets.net
finderpolicy.net
No comments:
Post a Comment