![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhM6uGlSdCFB9IGN66nkBZP2xQelCAzpGX5Yhq0g8CxPDq4UgrzWmjCuCAgEC2A0cseJchqi1pzke3Kj2WOUKWAqIBca__ssNVQej525VPV9qcdvJnY_B20-dIrCNNX9voVFS0gQNwY0fU/s200/ru8080.png)
Subject: PhotosAs is usually the case, the malware bounces through a legitimate hacked site and in this case ends up at [donotclick]eghirhiam.ru:8080/forum/links/public_version.php (report here) hosted on:
Good day,
your photos here http://www.jonko.com/photos.htm
82.148.98.36 (Qatar Telecom, Qatar)
195.210.47.208 (PS Internet Company Ltd, Kazakhstan)
202.72.245.146 (Railcom, Mongolia)
The following IPs and domains are all related and should be blocked:
82.148.98.36
195.210.47.208
202.72.245.146
bananamamor.ru
damagalko.ru
dekamerionka.ru
dfudont.ru
disownon.ru
dmpsonthh.ru
dmssmgf.ru
dumarianoko.ru
eghirhiam.ru
epiratko.ru
esekundi.ru
evkotnka.ru
evskindarka.ru
evujalo.ru
exiansik.ru
eziponoma.ru
No comments:
Post a Comment