I forget who, but some already posted here a list of website inside the attack code. The websites are changing every few days.
Wil Genovese One man with courage makes a majority. -Andrew Jackson A fine is a tax for doing wrong. A tax is a fine for doing well. On Aug 9, 2008, at 12:17 AM, Mike Fay wrote: > Hello, > > Some 10,000 attacks later and after spending too much time > deciphering the Hex code the bots sent, the bottom line is that > there are just 2 web sites that are housing the malicious > Javascript. (In our case, obviously) > > They are 3 3 2 2 . o r g > 1 0 0 0 m g . c n > > Yes, the spaces need to come out if you want to look at the > sites...AT YOUR OWN RISK. > > The url link in the hex code is longer of course but I'm not going > to put it in here. > > The sites are pretty much the same. They are in China, big > surprise, but in cities about 644 miles apart. > > How many other domains housing malicious javascript did you all find? > > Thanks, Mike > > P.S. Don't ask me how the hex code was deciphered. Our network > wizard did it and he just left on vacation. :)) > > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Adobe® ColdFusion® 8 software 8 is the most important and dramatic release to date Get the Free Trial http://ad.doubleclick.net/clk;203748912;27390454;j Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:310611 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
