Alert: Exploits on 78.111.51.100

Discussions of all Adware-Spyware-Malware related topics to include all security products users may have concerns with.

Moderators: Admin Team, Moderators

User avatar
MysteryFCM
Site Admin
Site Admin
Posts: 3721
Joined: Sun May 15, 2005 12:42 pm
Location: Newcastle, UK
Contact:

Alert: Exploits on 78.111.51.100

Postby MysteryFCM » Tue Jun 28, 2011 5:16 pm

Alert: Exploits on 78.111.51.100

If you've not already done so, you'll want to block 78.111.51.100 asap. It's currently housing a plethora of domains that are serving malware via exploit.

Payloads are coming from paths such as;

thujkdswg.tld.tc/k.php?f=20&e=3
-> about.exe
--> 3c6d68ea89512089df0cd7629439c378

You'll no doubt notice the usual suspects as far as the ccTLD branches (redirection services serving off of ccTLDs such as .cc) are concerned. Reports are being fired off to the host and various service providers as I write this, and should hopefully be down soon.


http://hphosts.blogspot.com/2011/06/ale ... 51100.html
Regards

Steven Burn
I.T. Mate / hpHosts
it-mate.co.uk / hosts-file.net

Keeping it FREE!

Return to “Countermeasures Discussions\News”

Who is online

Users browsing this forum: Bing [Bot] and 2 guests