Sponsored by..

Wednesday 28 November 2012

Changelog spam / ganadeion.ru

This fake changelog spam leads to malware at ganadeion.ru:

Date:      Wed, 28 Nov 2012 05:21:35 -0500
From:      LinkedIn Password [password@linkedin.com]
Subject:      Re: Changelog as promised (upd.)


as prmised updated changelog - View

The malicious payload is at [donotclick]ganadeion.ru:8080/forum/links/column.php hosted on some familiar looking IP addresses that you should block if you can: (GNet, Mongolia) (MYREN, Malaysia) (Psychz Networks, US)

No comments: