Malware paylod at:
noiekr .com/login.html
Definitely fast-flux - about 20 hosts
Sent from
75.147.175.225
75.147.175-225-BusName-smpls.la.shreveport.hfc.comcastbusiness.net
This is the second phish/malware I have gotten from comcastbusiness.net
hosts. Time to email the company.
--
Steve
Equal bytes for women.
---------- Forwarded message ----------
Return-Path: <[EMAIL PROTECTED]>
Received: from
75.147.175-225-BusName-smpls.la.shreveport.hfc.comcastbusiness.net
(75.147.175-225-BusName-smpls.la.shreveport.hfc.comcastbusiness.net
[75.147.175.225] (may be forged))
by mail.pirk.com (8.14.1/8.12.0.Beta19) with ESMTP id m7SEXSVH026064
for <[EMAIL PROTECTED]>; Thu, 28 Aug 2008 07:33:28 -0700
Message-ID: <[EMAIL PROTECTED]>
From: "Update Department" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Subject: Capital One Bank News - Read About the Latest updates
Date: Thu, 28 Aug 2008 13:41:16 +0000
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="----=_NextPart_000_0004_01C90922.04E4D84A"
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2720.3000
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2727.1300
CAPITAL ONE BANK CRITICAL UPDATE, AUGUST 28TH 2008
Critical Updates are intended to fix potential security risks in Business
Objects of Capital One Bank.
Critical Update is available to remove unacceptable symbols from the wire submission page that is included with Capital One Bank Treasury Optimizer.
These updates are highly recommended to ensure the security of all Capital One Bank products.
To start update follow the Verification Link>>
Sincerely, Milo Fischer.
2008 Capital One Services, Inc.
_______________________________________________
botnets@, the public's dumping ground for maliciousness
All list and server information are public and available to law enforcement
upon request.
http://www.whitestar.linuxbox.org/mailman/listinfo/botnets