Re: [botnets] New Storm variant

2008-01-07 Thread Adriel Desautels
To report a botnet PRIVATELY please email: [EMAIL PROTECTED]
--
John,
	I may know some people in Russia that can help. What would you like me 
to request?


Regards,
Adriel T. Desautels
Chief Technology Officer
Netragard, LLC.
Office : 617-934-0269
Mobile : 617-633-3821
http://www.linkedin.com/pub/1/118/a45

---
Netragard, LLC - http://www.netragard.com  -  We make IT Safe
Penetration Testing, Vulnerability Assessments, Website Security


John Draper wrote:

Richard Cox wrote:

The new instance of the Storm worm launched on Christmas Eve is already
having a major impact (see http://www.spamhaus.org/news.lasso?article=624)

Whoever planned this worm attack was clever - he ran all his malware
domains (which the victims click on to download their greetings cards
- aka trojans) on fast-flux (botnet) hosting, relying on the Russian
ccTLD (nic.ru) to do the updates.  Unfortunately for all of us, nic.ru
is closed for Christmas and New Year - not returning until January 9th.

Many people have tried to contact nic.ru, both by telephone (during their
advertised opening times) and by email but nic.ru do not reply.  Ten more
days of infection - at the very least - will get that guy one huge botnet
and I know I don't need to mention what that sort of power could do.

If anyone DOES know of an emergency process to contact nic.ru, could
they either use it, post it here, and/or mail me directly with it?

Thanks - and seasonal greetings all round!

Best regards

  

Darn - my last Russian contact left the country last year...  Don't know
anyone who lives in Moscow anymore or I would have them physically
go to where they are and contact them...

Also, calling Russian ISPs (assuming you get around the language barrier)
can be daunting...  VoIP and other cheap means to call Russia aside, is still
rather difficult.

Also, I hear a lot of Russian ISPs are on the take and cater to a lot of fraud
and other activities...

Good luck in your venture...  and find someone who speaks fluent Russian for
starters...

John
___
To report a botnet PRIVATELY please email: [EMAIL PROTECTED]
All list and server information are public and available to law enforcement 
upon request.
http://www.whitestar.linuxbox.org/mailman/listinfo/botnets


Re: [botnets] [phishing] XP update phish/malware

2008-08-28 Thread Adriel Desautels
Interesting,
Do you or anyone else know more about the account theft that has been
going on with Facebook? I ask because my kid sister was using it for a
while and she kept on asking why her password was changed. Shortly
thereafter her friends had the same issue and they had random wall posts
going up. Ideas?  I'm just curious.

Regards,
Adriel T. Desautels
Chief Technology Officer
Netragard, LLC.
Office : 617-934-0269
Mobile : 617-633-3821
http://www.linkedin.com/pub/1/118/a45

Join the Netragard, LLC. Linked In Group:
http://www.linkedin.com/e/gis/48683/0B98E1705142

---
Netragard, LLC - http://www.netragard.com  -  We make IT Safe
Penetration Testing, Vulnerability Assessments, Website Security

Netragard Whitepaper Downloads:
---
Choosing the right provider : http://tinyurl.com/2ahk3j
Three Things you must know  : http://tinyurl.com/26pjsn


Steven Adair wrote:
 It seems Imageshack with malicious or at least abusive Flash files is getting 
 more popular.  We saw a similar attack, yet far less malicious, on Facebook 
 last week.  Users' walls were spammed with a message about someone having a 
 crush on them with a link to an Imageshack flash file.  The file then did a 
 full redirect to a dating website.  The bad guys are both simply just using 
 them as a jumping point and in some cases playing off of their [somewhat] 
 trusted name.
 
 Steven
 
 On Thu, 28 Aug 2008 09:18:12 -0400, Discini, Sonny [EMAIL PROTECTED] 
 wrote:
 Here is another XP/Vista download link:

 ht tp://img 182.imageshack.us/img182/7145/47024671do7 .swf

 --
 Steve



 I had a bunch of that come through in 3 separate waves yesterday.

 The malware download pointed to:
 Hxxp://89.187.49.18/install.exe

 Note that the payload is known to Sophos so I'm assuming that most of
 the other big players also pick it up. Nothing new.

 Sonny

 Sonny Discini, Senior Network Security Engineer
 Office of the CIO
 Department of Technology Services
 Montgomery County Government



 -Original Message-
 From: [EMAIL PROTECTED]
 [mailto:[EMAIL PROTECTED] On Behalf Of Steve Pirk
 Sent: Thursday, August 28, 2008 7:13 AM
 To: [EMAIL PROTECTED]
 Cc: Botnets
 Subject: Re: [phishing] XP update phish/malware


 Equal bytes for women.

 On Wed, 27 Aug 2008, Steve Pirk wrote:

 Here are some links related to a XP update phish/malware download.

 Image or payload?
 ht tp://img 504.imageshack.us/img504/6262/23031231ob0 .swf

 That was the only link in the email.
 --
 Steve
 Equal bytes for women.
 ___
 phishing mailing list
 [EMAIL PROTECTED]
 http://www.whitestar.linuxbox.org/mailman/listinfo/phishing

 ___
 botnets@, the public's dumping ground for maliciousness
 All list and server information are public and available to law
 enforcement upon request.
 http://www.whitestar.linuxbox.org/mailman/listinfo/botnets
 