| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 20 Jul 2011 15:23:50 +0100 From: Jacqui Caren-home <jacqui.caren@...world.com> To: full-disclosure@...ts.grok.org.uk Subject: Re: Phone Scam On 20/07/2011 14:19, Dave wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > OK This is not new, but it happened to me just an hour ago. > > A stranger on the end of a phone call tells you your PC is infected, and you should download and install a RC server so it can be fixed. SOP. > I just been through this and installed Ammyy admin from ammyy.com (Whois - dataguarded) as per the strangers instruction on a VM XP install. > Nothing to see here, so what, big deal etc. etc. > > What maybe interesting to some is the IP address it connected to: > prag178.startdedicated.com 62.75.224.229 ports 443, 80, 8080 remarks: * ABUSE-Complaints are only handled at: * remarks: * ABUSE@...sserver.de * > I reveal the IP address for those of you who might like to update IPTables, databases or just like to write down numbers. Or just block any traffic to or from plusserver.de - they do not have a good spam/abuse rep. route: 62.75.128.0/17 descr: Plusserver AG origin: AS8972 mnt-by: INTERGENIA-MNT mnt-lower: INTERGENIA-MNT source: RIPE # Filtered _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists