To report a botnet PRIVATELY please email: [EMAIL PROTECTED]
----------
Adriel,
The quick goal would be to get them (nic.ru) to suspend the 15 domains that are
currently active:
* familypostcards2008.com
* freshcards2008.com
* happy2008toyou.com
* happycards2008.com
* happysantacards.com
* hellosanta2008.com
* hohoho2008.com
* merrychristmasdude.com
* newyearcards2008.com
* newyearwithlove.com
* parentscards.com
* postcards-2008.com
* santapcards.com
* santawishes2008.com
* uhavepostcard.com
If I missed one, please feel free to add it. Other than that, the goal I
supposed would be to have more open communication with them as it seems no one
is getting a response back. I know I haven't received one.
Steven
On 1/7/08 5:07 PM, "Adriel Desautels" <[EMAIL PROTECTED]> wrote:
> To report a botnet PRIVATELY please email: [EMAIL PROTECTED]
> ----------
> John,
> I may know some people in Russia that can help. What would you like me
> to request?
>
> Regards,
> Adriel T. Desautels
> Chief Technology Officer
> Netragard, LLC.
> Office : 617-934-0269
> Mobile : 617-633-3821
> http://www.linkedin.com/pub/1/118/a45
> a
> ---------------------------------------------------------------
> Netragard, LLC - http://www.netragard.com - "We make IT Safe"
> Penetration Testing, Vulnerability Assessments, Website Security
>
>
> John Draper wrote:
>> To report a botnet PRIVATELY please email: [EMAIL PROTECTED]
>> ----------
>> Richard Cox wrote:
>>> To report a botnet PRIVATELY please email: [EMAIL PROTECTED]
>>> ----------
>>> The new instance of the "Storm" worm launched on Christmas Eve is already
>>> having a major impact (see http://www.spamhaus.org/news.lasso?article=624)
>>>
>>> Whoever planned this worm attack was clever - he ran all his malware
>>> domains (which the victims click on to download their "greetings cards"
>>> - aka trojans) on fast-flux (botnet) hosting, relying on the Russian
>>> ccTLD (nic.ru) to do the updates. Unfortunately for all of us, nic.ru
>>> is closed for Christmas and New Year - not returning until January 9th.
>>>
>>> Many people have tried to contact nic.ru, both by telephone (during their
>>> advertised opening times) and by email but nic.ru do not reply. Ten more
>>> days of infection - at the very least - will get that guy one huge botnet
>>> and I know I don't need to mention what that sort of power could do.
>>>
>>> If anyone DOES know of an emergency process to contact nic.ru, could
>>> they either use it, post it here, and/or mail me directly with it?
>>>
>>> Thanks - and seasonal greetings all round!
>>>
>>> Best regards
>>>
>>>
>> Darn - my last Russian contact left the country last year... Don't know
>> anyone who lives in Moscow anymore or I would have them physically
>> go to there they are and contact them...
>>
>> Also, calling Russian ISP's (assuming you get around the language barrior)
>> can be daunting... VIOP and other cheap means to call Russia aside, is
>> still
>> rather difficult.
>>
>> Also, I hear a lot of Russian ISP's are "on the take" and cater to a
>> lot of fraud
>> and other activities...
>>
>> Good luck in your venture... and find someone who speaks fluent Russian for
>> starters...
>>
>> John
>> _______________________________________________
>> To report a botnet PRIVATELY please email: [EMAIL PROTECTED]
>> All list and server information are public and available to law enforcement
>> upon request.
>> http://www.whitestar.linuxbox.org/mailman/listinfo/botnets
> _______________________________________________
> To report a botnet PRIVATELY please email: [EMAIL PROTECTED]
> All list and server information are public and available to law enforcement
> upon request.
> http://www.whitestar.linuxbox.org/mailman/listinfo/botnets
_______________________________________________
To report a botnet PRIVATELY please email: [EMAIL PROTECTED]
All list and server information are public and available to law enforcement
upon request.
http://www.whitestar.linuxbox.org/mailman/listinfo/botnets
