[WsIRT#1102] Live C99Shell @AS7514

 CastleCops -> WsIRT Reports
Author: Paul PostPosted: Sat Dec 22, 2007 6:18 pm    Post subject: [WsIRT#1102] Live C99Shell @AS7514
Attack Alert
 
 Full Report: CastleCops Link/C99Shell_attack1102.html
 
 Changed status to confirmed attack.
IP Converted: 210.198.4.75

dword = 3536192587
hex1 = 0xd2c6044b
hex2 = 0xd2.0xc6.0x4.0x4b
oct = 0322.0306.04.0113
View CIDR AS7514 Report: http://www.cidr-report.org/cgi-bin/as-report?as=7514

"7514 | JP | apnic | 1997-03-03 | MEX Media EXchange, Inc."<br />
Extended information for AS7514:
State/Province:
Country: jp
Responsible Domain: mex.ad.jp
Abuse Email: security@mex.ad.jp
This domain has been compromised, it is running a known hijacking shell called c99. Please investigate your system as this shell permits criminals to conduct spam, phish, malware and other nefarious campaigns.
Quote:
http://kashiwadaisuke.com/templates_c/contact_us.php
CastleCops -> WsIRT Reports

All times are GMT

Page 1 of 1


Powered by phpBB © 2001 phpBB Group