Thanks for the report.
On Wed, May 21, 2014 at 2:52 AM, Fraudwatch Security <[email protected]>wrote: > [Incident#EJA-438092] > Dear Web Host > > The FraudWatch International Security Operations Centre ( > www.fraudwatchinternational.com) has received a report of a fraudulent > financial web page (illegal malware download / data collection) hosted on > your network. > > ** Please be aware that clicking any link to an executable may harm your > computer! We are providing these links to bring to your attention their > existence so that you can take the appropriate action against this illegal > activity. Also note that we have provided a malware scan report for your > review ** > > > IP Address: 74.125.28.82 > > URL: > https://projeto-atualizacao-seguranca-2k14.googlecode.com/svn/cli1.zaz > Additional URL's: > > > > ** The above URL has been found to have sufficient connection with Malware > that may be located on: > > > ** Malware Scan Report: > > https://www.virustotal.com/en/file/7400cfdc380871b0c270425e4b40f697a905ebeced6b2e1c88a9b7b57718558a/analysis/ > https://malwr.com/analysis/MzBlMDFiZjc3NGIzNGM1MjlhZGMzNTBmYWY5YTdmYjI/ > http://10.1.1.56:8080/view/18 > > Client Brand Targeted: Santander Brasil (Banco Santander) > > ************************* > > On behalf of our client, we would greatly appreciate your assistance in: > > a) Urgently cleaning, closing or disallowing access to the site listed > above as appropriate. > > b) obtaining and providing to us additional information regarding this > incident, for example relevant logs or files from the host, > > ************************* > > If you are not the correct person to be dealing with this incident, please > forward this request to the relevant person. > > If you are already aware of this matter, we apologise for any > inconvenience. If possible, we would still appreciate a copy of any > relevant files from the host, including logs and any php files relevant to > the malware site, which may indicate where the stolen login credentials are > being sent. > > This incident has been assigned an Incident Number, found in the subject > line. We will be monitoring this incident, and tracking its progress to > closure. Please use this incident code in the subject line of all > correspondence relating to this Incident. > > Please contact us should you require any clarification or assistance. We > thank you for your urgent consideration of this request. > > > Regards, > Security Operations > FraudWatch International > http://www.fraudwatchinternational.com > > -- > You received this message because you are subscribed to the Google Groups > "Project Hosting on Google Code" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To post to this group, send email to [email protected]. > Visit this group at http://groups.google.com/group/google-code-hosting. > For more options, visit https://groups.google.com/d/optout. > -- You received this message because you are subscribed to the Google Groups "Project Hosting on Google Code" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/google-code-hosting. For more options, visit https://groups.google.com/d/optout.
