Sponsored by..

Tuesday 13 September 2011

Injection attack: cbchhuacyus.com, ibccmsuiyus.com and wbccmquwyus.com

There is currently a Sinowal injection attack doing the rounds, redirecting traffic to the following domains on


There may well be other domains on the same server, blocking traffic to would probably be prudent. The payload is being analysed (I will post an update later), but detection rates are not good.

No comments: