Date: Tue, 4 Dec 2012 03:38:42 +0000
From: KaseyElleman@victimdomain.com
Subject: You have notifications pending
Hi,
Here's some activity you may have missed on Facebook.
SALLIE FELIX has posted statuses, photos and more on Facebook.
Go To Facebook
See All Notifications
This message was sent to postinialerts@[redacted]. If you don't want to receive these emails from Facebook in the future or have your email address used for friend suggestions, please click: unsubscribe.
Facebook, Inc. Attention: Department 415 P.O Box 10005 Palo Alto CA 94303
The malicious payload is at [donotclick]francese.ru:8080/forum/links/column.php hosted on the following IP addresses:
42.121.116.38 (Aliyun Computing Co, China)
202.180.221.186 (GNet, Mongolia)
203.80.16.81 (MYREN, Malaysia)
208.87.243.131 (Psychz Networks , US)
219.255.134.110 (SK Broadband, Korea)
Plain list for copy-and-pasting:
42.121.116.38
202.180.221.186
203.80.16.81
208.87.243.131
219.255.134.110
No comments:
Post a Comment