This fake changelog spam leads to malware at ganadeion.ru: Date: Wed, 28 Nov 2012 05:21:35 -0500The malicious payload is at [donotclick]ganadeion.ru:8080/forum/links/column.php hosted on some familiar looking IP addresses that you should block if you can:
From: LinkedIn Password [password@linkedin.com]
Subject: Re: Changelog as promised (upd.)
Hello,
as prmised updated changelog - View
C. BERGMAN
202.180.221.186 (GNet, Mongolia)
203.80.16.81 (MYREN, Malaysia)
208.87.243.131 (Psychz Networks, US)
No comments:
Post a Comment