And here i was expecting .ZIP file from the FBI and CIA telling me that
I need to full out a "survey" :)
-Wil
Martin Hannigan wrote:
Here is some more interesting information. I'm not positive this is
Sober.Z related but it's walking like and talking like a duck.
First I see the below DNS requests, shortly after I see many SMTP
packets hitting Hotmail, AOL, Yahoo.com, Yahoo.co.uk, Progegy, etc....
Looks like it's... Sending SPAM?!?!
No! Not that!
This I didn't expect at all, here is a trace from one of the known
infected users:
This is how these folks make money.
