This fake wire transfer spam leads to malware on porschedesignrussia.ru:Date: Fri, 20 Jul 2012 04:10:52 +0100
Subject: RE: Your Wire Transfer N02526593
Good morning,
Wire debit transfer was canceled by the other financial institution.
Canceled transfer:
FED REFERENCE NUMBER: ISL9653367088ODP06829K
Transfer Report: View
Federal Reserve Wire Network
The malicious payload is at [donotclick]porschedesignrussia.ru:8080/forum/showthread.php?page=5fa58bce769e5c2c (report here) hosted on the following IPs:
78.83.233.242
203.80.16.81
213.17.171.186
These are the same IP addresses as used in this attack from yesterday. Blocking them would probably be prudent.
No comments:
Post a Comment