A new version of this malicious spam run is under way, this time with a malicious payload at leadgems.net.The payload page is at [donotclick]leadgems.net/main.php?page=940489e6fc8f17ed (report here) which is hosted on 192.84.186.206 (Seinajoki University of Applied Sciences, Finland).. presumably a hacked server.
Blocking access to 192.84.186.206 will prevent any other malicious sites on the same server from causing a problem.
No comments:
Post a Comment