Author Topic: Alert: Exploits on 78.111.51.100  (Read 2833 times)

0 Members and 1 Guest are viewing this topic.

June 29, 2011, 12:15:44 am
Read 2833 times

MysteryFCM

  • Administrator
  • Hero Member

  • Offline
  • *****

  • 1693
  • Personal Text
    Phishing Phanatic
    • I.T. Mate
Alert: Exploits on 78.111.51.100

Quote
If you've not already done so, you'll want to block 78.111.51.100 asap. It's currently housing a plethora of domains that are serving malware via exploit.

Payloads are coming from paths such as;

thujkdswg.tld.tc/k.php?f=20&e=3
-> about.exe
--> 3c6d68ea89512089df0cd7629439c378

You'll no doubt notice the usual suspects as far as the ccTLD branches (redirection services serving off of ccTLDs such as .cc) are concerned. Reports are being fired off to the host and various service providers as I write this, and should hopefully be down soon.

http://hphosts.blogspot.com/2011/06/alert-exploits-on-7811151100.html
Regards

Steven Burn
I.T. Mate / hpHosts
it-mate.co.uk / hosts-file.net