![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjU3f67K6C0NBokv04V37IYb3DgiTWa7OqhYK9KLn1zOV5r2-ZvW_f2syAYwe10QTwKlZcGWVmmhhG55RFY6tig_hDj_f5v2h6jeWOfuRWYMniYMtooVpvmKTEEMF9oi_dDXZG18tettOE/s200/ru8080.png)
Date: Tue, 27 Nov 2012 01:14:15 -0500The malicious payload is at [donotclick]gurmanikia.ru:8080/forum/links/column.php hosted on the following well-known malicious IPs:
From: Emerita Ayers via LinkedIn [member@linkedin.com]
Subject: RE: Your Wire Transfer N27172774
Dear Customers,
Wire debit transfer was canceled.
Canceled transfer:
FED NUMBER: 6946432301WIRE298280
Transaction Report: View
Federal Reserve Wire Network
202.180.221.186 (GNet, Mongolia)
203.80.16.81 (MYREN, Malaysia)
208.87.243.131 (Psychz Networks, US)
No comments:
Post a Comment