Date: Tue, 9 Apr 2013 10:03:31 -0300The link leads to a malicious payload on [donotclick]jonahgkio.ru:8080/forum/links/column.php which doesn't seem to be working at the moment. However, it is multihomed on some familiar looking IPs:
From: "service@paypal.com" [service@paypal.com]
Subject: Join my network on LinkedIn
Marcelene Bruno has indicated you are a Friend
I'd like to add you to my professional network on LinkedIn.
- Marcelene Bruno
Accept
View invitation from Marcelene Bruno
WHY MIGHT CONNECTING WITH Marcelene Bruno BE A GOOD IDEA?
Marcelene Bruno's connections could be useful to you
After accepting Marcelene Bruno's invitation, check Marcelene Bruno's connections to see who else you may know and who you might want an introduction to. Building these connections can create opportunities in the future.
© 2012, LinkedIn Corporation
91.191.170.26 (Netdirekt, Turkey)
93.187.200.250 (Netdirekt, Turkey)
208.94.108.238 (Fibrenoire, Canada)
Blocklist:
91.191.170.26
93.187.200.250
208.94.108.238
itriopea.ru
illuminataf.ru
izamalok.ru
imanraiodl.ru
ifinaksiao.ru
jonahgkio.ru
ivanikako.ru
igionkialo.ru
ijsiokolo.ru
ifikangloo.ru
izjianokr.ru
iztakor.ru
ighjaooru.ru
jundaio.ru
No comments:
Post a Comment