tag:blogger.com,1999:blog-804714437673009003.post8159230747475493814..comments2024-02-23T09:06:13.967+00:00Comments on Dynamoo's Blog: HMRC spam / VAT Returns Repot 517794350.docUnknownnoreply@blogger.comBlogger2125tag:blogger.com,1999:blog-804714437673009003.post-60072782011923032532013-05-16T19:18:09.048+01:002013-05-16T19:18:09.048+01:00@Stuart: the payload is something called P2P Zeus ...@Stuart: the payload is something called P2P Zeus - those IPs are part of a botnet, you would probably see different ones. These were identified by the <a href="http://www.dynamoo.com/files/analysis_30639_f49ba87bdcbb24ecf22f9b5b3a8c2a34.pdf" rel="nofollow">ThreatTrack report</a> I included.<br /><br />As far as I can tell, if the machine is fully up-to-date with Microsoft patches then the attackConrad Longmorehttps://www.blogger.com/profile/11751822299235747323noreply@blogger.comtag:blogger.com,1999:blog-804714437673009003.post-18119647463327592632013-05-16T17:29:18.525+01:002013-05-16T17:29:18.525+01:00Where are you getting the IP's from? as some o...Where are you getting the IP's from? as some of our users got this email and selected the .doc file. What payload, etc does the .doc release?Anonymoushttps://www.blogger.com/profile/03594039352278008704noreply@blogger.com