| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <aaf6cdb90409271223777509fa@mail.gmail.com> From: the.rxmr at gmail.com (the rxmr) Subject: New virus? On Mon, 27 Sep 2004 14:44:58 -0300, Bernardo Santos Wernesback <bernardo@....com.br> wrote: > > Hi everyone, > > Has anyone seen a lot of HTTP activity to a certain site: http://www.fotosgratis.pop.com.br ? > > One of our clients has several machines making tons of requests for TXT files on that server: > > botao.txt > mswinsck.txt > ita01.txt > caixa01.txt > teclado07.txt > caixa01.txt > caixa02.txt > caixa03.txt > caixa04.txt > caixa05.txt > > Thanks for any info., > > > > _____________________________________________________ > > > Bernardo Santos Wernesback > > > > > ESSE,ESS,SCSE,CCNA/DA, > > > CCSA,CQS,MCP > > > > > > > Consultant / ISH Tecnologia > > > > > Phone: +55-27-3334-8900 > > > > > Mobile: +55-27-8111-0884 > > > Email: bernardo@....com.br > > PGP Fingerprint: > 6A42 3701 70D7 FD0F 5FA9 D232 CDD4 6189 EF43 95F5 > I should also mention that the file "mswinsck.txt" is found on machines compromised by these two: W95/Music@M http://vil.nai.com/vil/content/v_98889.htm and Helios http://www.pestpatrol.com/pestinfo/h/helios.asp Another interesting link I found was this one, but I can't translate it: http://big5.pconline.com.cn/b5/www.pconline.com.cn/pcedu/soft/virus/da/0409/449519.html
Powered by blists - more mailing lists