![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgxGvpbo8rLlCB5dEDOgX3x87CG5186fJ3unY47xdpze2Txh_jTebhwPpN2SheFIkfl5qb_CKZDyigXsfDbTn-OxckfVSwL73NZD_z_Qi3syVc8YCZBf5yJI0G1AYjg7PjSJ2i2odjotm8/s200/amerika.png)
Date: Fri, 28 Dec 2012 22:45:28 +0900The malicious payload is at [donotclick]incinteractive.net/detects/wishs_continually.php hosted on the well-known IP of 59.57.247.185 in China which also hosts these following malicious domains:
From: "Federal Reserve Banking Services@sys.frb.org" [ACHR_58976105@FedMail.frb.org]
Subject: FedMail (R): FedACH Announcement - End of Day - 12/27/12
Please overview the ACH Advice Statement from the Federal Reserve System by clicking here.
sessionid0147239047829578349578239077.pl
tv-usib.com
atsushitani.com
proxfied.net
incinteractive.net
timesofnorth.net
latticesoft.net
incinteractive.net
No comments:
Post a Comment