
Thursday, 27 September 2012

UPS Spam / sectantes-x.ru

This fake UPS spam leads to malware at sectantes-x.ru:


Date:      Thu, 27 Sep 2012 10:03:27 -0400
From:      Habbo Hotel [auto-contact@habbo.com]
Subject:      UPS Tracking Number H8244648923

USPS .com Customer Services for big savings!     Can't see images? CLICK HERE.
UPS UPS SUPPORT 39
UPS - UPS TEAM 31 >>

Not Ready to Open an Account?
The UPS Store® can help with full service packing and shipping.
Learn More >>

UPS - Your UPS .com Customer Services
Dear, [redacted]

DEAR CUSTOMER , Delivery Confirmation: Failed

Track your Shipment now!

With best wishes , UPS .com Customer Services.
   
                       
Shipping         Tracking         Calculate Time & Cost         Open an Account
                       
@ 2011 United Parcel Service of America, Inc. Your USPS Team, the UPS brandmark, and the color brown are trademarks of United Parcel Service of America, Inc. All rights reserved.



This is a marketing e-mail for UPS services. Click here to update your e-mail preferences or to unsubscribe to Your USPS .US marketing e-mail. For information on UPS's privacy practices, please refer to UPS Privacy Policy.



USPS .com Customer Services, 33 Glenlake Parkway, NE - Atlanta, GA 30580

Attn: Customer Communications Department


The malicious payload is at [donotclick]sectantes-x.ru:8080/forum/links/column.php hosted on the following IP addresses:
84.22.100.108 (Republic CyberBunker, Antarctica - Amsterdam more likely)
190.10.14.196 (RACSA, Costa Rica)
203.80.16.81 (Myren, Malaysia)

The following IPs and domains are all connected and should be blocked:

In addition, CyberBunker has a long history of spamming and tolerating criminals. Blocking the range 84.22.96.0/19 should afford your network some additional protection.
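
As an added example (not part of the original post), one way to sweep web proxy logs for clients that have already contacted this infrastructure, using only the payload URL, the three hosting IPs and the 84.22.96.0/19 range named above. The log format and the sample lines are constructed for illustration.

```python
import ipaddress
from urllib.parse import urlsplit

# Indicators named in the post above.
BAD_HOSTS = {"sectantes-x.ru"}
BAD_IPS = {ipaddress.ip_address(a)
           for a in ("84.22.100.108", "190.10.14.196", "203.80.16.81")}
BAD_NET = ipaddress.ip_network("84.22.96.0/19")
BAD_PORT, BAD_PATH = 8080, "/forum/links/column.php"

# Constructed sample log; assumed format: "<timestamp> <client> <dest_ip> <url>".
SAMPLE_LOG = """\
2012-09-27T14:05:11Z 10.0.0.21 190.10.14.196 http://sectantes-x.ru:8080/forum/links/column.php
2012-09-27T14:06:40Z 10.0.0.35 84.22.97.10 http://example.test/index.html
2012-09-27T14:07:02Z 10.0.0.35 198.51.100.7 http://example.org/forum/links/column.php
2012-09-27T14:07:55Z 10.0.0.48 192.0.2.80 http://www.example.com/tracking
malformed line
"""

def classify(line):
    """Return (client, reasons) for one log line, or None if it cannot be parsed."""
    try:
        _, client, dest, url = line.split()   # wrong field count raises ValueError
        ip = ipaddress.ip_address(dest)
        u = urlsplit(url)
        port = u.port                          # invalid port raises ValueError
    except ValueError:
        return None
    host = (u.hostname or "").lower().rstrip(".")
    reasons = []
    if host in BAD_HOSTS or host.endswith(tuple("." + h for h in BAD_HOSTS)):
        reasons.append("host")
    if ip in BAD_IPS:
        reasons.append("ip")                   # exact hosting IP from the post
    elif ip in BAD_NET:
        reasons.append("range")                # elsewhere in the /19
    if port == BAD_PORT and u.path == BAD_PATH:
        reasons.append("path")                 # same port and landing path
    return client, reasons

def scan(log_text):
    """Map each internal client to the set of reasons it was flagged for."""
    hits = {}
    for line in log_text.splitlines():
        result = classify(line)
        if result and result[1]:
            hits.setdefault(result[0], set()).update(result[1])
    return hits

if __name__ == "__main__":
    for client, reasons in sorted(scan(SAMPLE_LOG).items()):
        print(client, ",".join(sorted(reasons)))
```

A client flagged only for "range" reached some other address in the /19, which is worth a look but is weaker evidence than a hit on the host, a listed IP or the landing path.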
