To report a botnet PRIVATELY please email: [EMAIL PROTECTED] ---------- Adriel,
The quick goal would be to get them (nic.ru) to suspend the 15 domains that are currently active: * familypostcards2008.com * freshcards2008.com * happy2008toyou.com * happycards2008.com * happysantacards.com * hellosanta2008.com * hohoho2008.com * merrychristmasdude.com * newyearcards2008.com * newyearwithlove.com * parentscards.com * postcards-2008.com * santapcards.com * santawishes2008.com * uhavepostcard.com If I missed one, please feel free to add it. Other than that, the goal I supposed would be to have more open communication with them as it seems no one is getting a response back. I know I haven't received one. Steven On 1/7/08 5:07 PM, "Adriel Desautels" <[EMAIL PROTECTED]> wrote: > To report a botnet PRIVATELY please email: [EMAIL PROTECTED] > ---------- > John, > I may know some people in Russia that can help. What would you like me > to request? > > Regards, > Adriel T. Desautels > Chief Technology Officer > Netragard, LLC. > Office : 617-934-0269 > Mobile : 617-633-3821 > http://www.linkedin.com/pub/1/118/a45 > a > --------------------------------------------------------------- > Netragard, LLC - http://www.netragard.com - "We make IT Safe" > Penetration Testing, Vulnerability Assessments, Website Security > > > John Draper wrote: >> To report a botnet PRIVATELY please email: [EMAIL PROTECTED] >> ---------- >> Richard Cox wrote: >>> To report a botnet PRIVATELY please email: [EMAIL PROTECTED] >>> ---------- >>> The new instance of the "Storm" worm launched on Christmas Eve is already >>> having a major impact (see http://www.spamhaus.org/news.lasso?article=624) >>> >>> Whoever planned this worm attack was clever - he ran all his malware >>> domains (which the victims click on to download their "greetings cards" >>> - aka trojans) on fast-flux (botnet) hosting, relying on the Russian >>> ccTLD (nic.ru) to do the updates. Unfortunately for all of us, nic.ru >>> is closed for Christmas and New Year - not returning until January 9th. >>> >>> Many people have tried to contact nic.ru, both by telephone (during their >>> advertised opening times) and by email but nic.ru do not reply. Ten more >>> days of infection - at the very least - will get that guy one huge botnet >>> and I know I don't need to mention what that sort of power could do. >>> >>> If anyone DOES know of an emergency process to contact nic.ru, could >>> they either use it, post it here, and/or mail me directly with it? >>> >>> Thanks - and seasonal greetings all round! >>> >>> Best regards >>> >>> >> Darn - my last Russian contact left the country last year... Don't know >> anyone who lives in Moscow anymore or I would have them physically >> go to there they are and contact them... >> >> Also, calling Russian ISP's (assuming you get around the language barrior) >> can be daunting... VIOP and other cheap means to call Russia aside, is >> still >> rather difficult. >> >> Also, I hear a lot of Russian ISP's are "on the take" and cater to a >> lot of fraud >> and other activities... >> >> Good luck in your venture... and find someone who speaks fluent Russian for >> starters... >> >> John >> _______________________________________________ >> To report a botnet PRIVATELY please email: [EMAIL PROTECTED] >> All list and server information are public and available to law enforcement >> upon request. >> http://www.whitestar.linuxbox.org/mailman/listinfo/botnets > _______________________________________________ > To report a botnet PRIVATELY please email: [EMAIL PROTECTED] > All list and server information are public and available to law enforcement > upon request. > http://www.whitestar.linuxbox.org/mailman/listinfo/botnets _______________________________________________ To report a botnet PRIVATELY please email: [EMAIL PROTECTED] All list and server information are public and available to law enforcement upon request. http://www.whitestar.linuxbox.org/mailman/listinfo/botnets