Showing posts with label UK2.NET. Show all posts
Showing posts with label UK2.NET. Show all posts
Thursday 11 July 2013

Malware sites to block 11/7/13

I noticed 188.138.89.106 (Intergenia AG, Germany) was the originating IP being used in this spam run using a hijacked 1&1 account, a...

"WTX Media INC" spam / dajizzum.com

This fake invoice spam from the nonexistant "WTX Media" leads to a malware landing page on dajizzum.com : From: Rebecca Media...
Tuesday 22 January 2013

Something evil on 109.123.66.30

109.123.66.30 (UK2.NET, UK) hosts several domains containing the Blackhole Exploit Kit ( example here ). The domains in user are (mostly)...
1 comment:
Monday 16 April 2012

"You've just ordered pizza from our site" / uiwewsecondary.ru

We haven't seen this "pizza spam" (or spam pizza?) for a while. Rest assured, it leads to malware on uiwewsecondary.ru : D...
1 comment:
Thursday 12 April 2012

Federal Reserve Wire Network spam / vanishingmasers.ru

This spam leads to malware on vanishingmasers.ru : Date :      Thu, 12 Apr 2012 15:14:41 -0300 From :      "Lidia Polk" [uzb...
Wednesday 22 February 2012

Contract spam / cpojkjfhotzpod.ru

Another spam run (will they ever end?) this time with a malicious .htm attachment that tries to download from cpojkjfhotzpod.ru . Here are...
Thursday 19 January 2012

Wire transfer malicious spam / monikabestolucci.ru:8801 and 78.159.118.226

More malicious spam doing the rounds, but this time it's more complicated than before. From: accounting@victimdomain.com [mailto:ac...