To report a botnet PRIVATELY please email: [EMAIL PROTECTED] ---------- Hi Chato,
These two domains are part of the original 13 that were registered with ESTDOMAINS (not nic.ru) and they should currently all be in a suspended state. Steven On Tue, 08 Jan 2008 00:24:20 +0100, "Chato H. Flores" <[EMAIL PROTECTED]> wrote: > > I add two domains to the list: > > ptowl.com > yxbegan.com > > > Best regards, > > Chato Flores > > > > > On Mon, 07 Jan 2008 23:13:57 +0100 Steven Adair > <[EMAIL PROTECTED]> wrote: >>To report a botnet PRIVATELY please email: [EMAIL PROTECTED] >>---------- >> >>Adriel, >> >>The quick goal would be to get them (nic.ru) to suspend the 15 >>domains that are currently active: >> >> * familypostcards2008.com >> * freshcards2008.com >> * happy2008toyou.com >> * happycards2008.com >> * happysantacards.com >> * hellosanta2008.com >> * hohoho2008.com >> * merrychristmasdude.com >> * newyearcards2008.com >> * newyearwithlove.com >> * parentscards.com >> * postcards-2008.com >> * santapcards.com >> * santawishes2008.com >> * uhavepostcard.com >> >>If I missed one, please feel free to add it. Other than that, the >>goal I supposed would be to have more open communication with them >>as it seems no one is getting a response back. I know I haven't >>received one. >> >>Steven >> >>On 1/7/08 5:07 PM, "Adriel Desautels" <[EMAIL PROTECTED]> >>wrote: >> >>> To report a botnet PRIVATELY please email: [EMAIL PROTECTED] >>> ---------- >>> John, >>> I may know some people in Russia that can help. What would you >>like me >>> to request? >>> >>> Regards, >>> Adriel T. Desautels >>> Chief Technology Officer >>> Netragard, LLC. >>> Office : 617-934-0269 >>> Mobile : 617-633-3821 >>> http://www.linkedin.com/pub/1/118/a45 >>> a >>> --------------------------------------------------------------- >>> Netragard, LLC - http://www.netragard.com - "We make IT Safe" >>> Penetration Testing, Vulnerability Assessments, Website Security >>> >>> >>> John Draper wrote: >>>> To report a botnet PRIVATELY please email: [EMAIL PROTECTED] >>>> ---------- >>>> Richard Cox wrote: >>>>> To report a botnet PRIVATELY please email: [EMAIL PROTECTED] >>>>> ---------- >>>>> The new instance of the "Storm" worm launched on Christmas Eve >>is already >>>>> having a major impact (see >>http://www.spamhaus.org/news.lasso?article=624) >>>>> >>>>> Whoever planned this worm attack was clever - he ran all his >>malware >>>>> domains (which the victims click on to download their >>"greetings cards" >>>>> - aka trojans) on fast-flux (botnet) hosting, relying on the >>Russian >>>>> ccTLD (nic.ru) to do the updates. Unfortunately for all of >>us, nic.ru >>>>> is closed for Christmas and New Year - not returning until >>January 9th. >>>>> >>>>> Many people have tried to contact nic.ru, both by telephone >>(during their >>>>> advertised opening times) and by email but nic.ru do not >>reply. Ten more >>>>> days of infection - at the very least - will get that guy one >>huge botnet >>>>> and I know I don't need to mention what that sort of power >>could do. >>>>> >>>>> If anyone DOES know of an emergency process to contact nic.ru, >>could >>>>> they either use it, post it here, and/or mail me directly with >>it? >>>>> >>>>> Thanks - and seasonal greetings all round! >>>>> >>>>> Best regards >>>>> >>>>> >>>> Darn - my last Russian contact left the country last year... >>Don't know >>>> anyone who lives in Moscow anymore or I would have them >>physically >>>> go to there they are and contact them... >>>> >>>> Also, calling Russian ISP's (assuming you get around the >>language barrior) >>>> can be daunting... VIOP and other cheap means to call Russia >>aside, is >>>> still >>>> rather difficult. >>>> >>>> Also, I hear a lot of Russian ISP's are "on the take" and >>cater to a >>>> lot of fraud >>>> and other activities... >>>> >>>> Good luck in your venture... and find someone who speaks >>fluent Russian for >>>> starters... >>>> >>>> John >>>> _______________________________________________ >>>> To report a botnet PRIVATELY please email: [EMAIL PROTECTED] >>>> All list and server information are public and available to law >>enforcement >>>> upon request. >>>> http://www.whitestar.linuxbox.org/mailman/listinfo/botnets >>> _______________________________________________ >>> To report a botnet PRIVATELY please email: [EMAIL PROTECTED] >>> All list and server information are public and available to law >>enforcement >>> upon request. >>> http://www.whitestar.linuxbox.org/mailman/listinfo/botnets >> >> >>_______________________________________________ >>To report a botnet PRIVATELY please email: [EMAIL PROTECTED] >>All list and server information are public and available to law >>enforcement upon request. >>http://www.whitestar.linuxbox.org/mailman/listinfo/botnets _______________________________________________ To report a botnet PRIVATELY please email: [EMAIL PROTECTED] All list and server information are public and available to law enforcement upon request. http://www.whitestar.linuxbox.org/mailman/listinfo/botnets