|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Win32.Mitglieder.DH epidemy
From: Vsevolod Gavrilenko (gvj
corbina.net)
Date: Mon Nov 28 2005 - 06:47:01 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Good afternoon incidentssecurityfocus.com <incidentssecurityfocus.com>,
Hello.
Nowtimes we are expecting a large amount of requests from live and
wild botnet under Win32.Mitglieder.DH.
We host one of the contact sites (tarkan.ru), so we got about 110K
unique requests today on 16:00 MSK.
The line looks like:
207.46.50.74 - - [28/Nov/2005:15:39:50 +0300] "GET
/images/tst.php?p=1033&id=26912415p HTTP/1.1" 302 302 "-" "fog"
Now we are redirecting all these requests to 127.0.0.1 and going to
send abuse reports to network owners.
--
Vsevolod Gavrilenko mailto:gvjcorbina.net
Corbina Telecom, tel. +7 095 7284000
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]