First some good news (via the WaPo Security Fix blog): well known black hat web host UkrTeleGroup appears to have vanished from the internet. The bad news is that seems to have morphed into a company called Internet Path which is masquerading as a US company.
Unfortunately, it does not appear that this is an Atrivo / McColo / Estdomains style situation where the bad guys are permanently shut down.. yet. But perhaps continued pressure on upstream providers might have some effect.. who knows?
1 comment:
Oh yeah?? Well then why am I still seeing this when I run tcpdump:
00:01:08.972388 IP 85.255.112.190.static.ukrtelegroup.com.ua.domain > 192.168.0.46.59234: 27671 2/0/0 CNAME[|domain]
Looks like it's alive and well.
Post a Comment