Our company is under attack. Please help.
The evil URL we got through email were here :
The evil payloads are here :
- h
ttp://pub.rti.ci/index.html
- h
ttp://pub.rti.ci/www/images/index.html
Check this Report :
http://vscan.urlvoid.com/analysis/0c38ef0a7f962a6010ea79f67b6f6ab3/cHViLXJ0aS1jaQ==/VirusTotal said it was full of Evil PE
Be extremly careful.
We got infected by logging on the father of this web site which is
http://www.rti.ci/There we got evil javascript ONLY when we logged in OR when we had the IP address of our company.
*.RTI.CI is becoming extremly annoying and it's well created as its not so easy to detect it.
Carefull friends !
Best.
Topic: Evil African Web Site: *.RTI.CI (ex: pub.rti.ci) (Read 5394 times)