Sponsored by..

Showing posts with label Gawker. Show all posts
Showing posts with label Gawker. Show all posts

Monday 20 December 2010

Gawker related attack from 174.132.178.37

The recent Gawker media hack is probably related to a spate of malicious activity from 174.132.178.37, trying to log into forums, according to a couple of different reports on the web -  [1] [2] -  and my own experience of someone trying to get into a forum, presumably with Gawker harvested credentials. The purpose is unknown, but the person behind it may well be trying to use established accounts to spam forums.

Here is a sample email that you might get:

Dear ----------,

Your account on ---------- has been locked because someone has tried to log into the account with the wrong password more than 5 times. You will be able to attempt to log in again in another 15 minutes.

The person trying to log into your account had the following IP address: 174.132.178.37

Don't forget that the password is case sensitive. Forgotten your password? Use the link below:
http://forums.----------.com/login.php?do=lostpw

I advise you to contact the web host responsible at abuse -at- theplanet.com with a copy of any evidence. Incidentally, the listed owner of that IP address (although remember that it may have hack) is:

network:Class-Name:network
network:ID:NETBLK-THEPLANET-BLK-15
network:Auth-Area:174.132.0.0/15
network:Network-Name:TPIS-BLK-174-132-178-0
network:IP-Network:174.132.178.32/28
network:IP-Network-Block:174.132.178.32 - 174.132.178.47
network:Organization-Name:Michael Strouse
network:Organization-City:winter springs
network:Organization-State:FL
network:Organization-Zip:32708
network:Organization-Country:USA
network:Description-Usage:customer
network:Server-Pri:ns1.theplanet.com
network:Server-Sec:ns2.theplanet.com
network:Tech-Contact;I:

If this has happened to you, why not post a comment below so that ThePlanet.com can see what it going on.