Dynamoo's Blog: nikjju.com injection attack in progress

Tuesday, 24 April 2012

nikjju.com injection attack in progress

The ISC is warning of an injection attack using the domain nikjju.com. The WHOIS details of this domain are very familiar:

Registrant Contact:

   JamesNorthone

   James Northone jamesnorthone@hotmailbox.com

   +1.5168222749 fax: +1.5168222749

   128 Lynn Court

   Plainview NY 11803

   us

The hotmailbox.com domain is a sign of evil, and these are likely to be the "LizaMoon" crew who have been very active over the past couple of years. nikjju.com is hosted on 31.210.100.242 (INTER NET BILGISAYAR LTD STI, Turkey although blocking the domain will help as well because these malicious sites tend to be highly mobile.

Dynamoo's Blog

Link List

Sponsored by..

Tuesday, 24 April 2012

nikjju.com injection attack in progress

No comments: