![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjU3f67K6C0NBokv04V37IYb3DgiTWa7OqhYK9KLn1zOV5r2-ZvW_f2syAYwe10QTwKlZcGWVmmhhG55RFY6tig_hDj_f5v2h6jeWOfuRWYMniYMtooVpvmKTEEMF9oi_dDXZG18tettOE/s200/ru8080.png)
I'm not sure of the particular nature of the spam run involved (it is possibly a UPS themed attack), but there's a campaign underway with a malicious payload on
[donotclick]panamamoskow.ru:8080/forum/showthread.php?page=5fa58bce769e5c2c (
report here) hosted on the following IPs:
178.33.106.254 (OVH, France)
190.120.228.92 (Infolink, Panama)
Blocking access to those IPs will prevent other malicious domains on the same server from being a threat.
No comments:
Post a Comment