---------- Forwarded message ---------- From: Solania Ormaza (Tucows Inc) <supp...@tccompliance.zendesk.com> Date: Tue, Sep 20, 2016 at 9:57 PM Subject: [Tucows Inc - Compliance] Re: Malware complaint: tor2web.org To: "virgil.griff...@gmail.com" <virgil.griff...@gmail.com>
##- Please type your reply above this line -## Your request (124747) has been solved. To reopen this request, reply to this email. [image: Solania Or] *Solania Ormaza* (Tucows Inc - Compliance) Sep 20, 09:57 EDT Hello Please see complaint received regarding subject domain and respond accordingly *** RSA Anti-fraud Command Center a...@rsa.com Friday 10:00 BBVA - E2228848 To whom it may concern: RSA, The Security Division of EMC (“RSA”), an information security company, has detected and verified that a Malware (as defined below) program is being propagated from a server which is associated with the following URL: (the “Designated Site”) >From our review, it is our understanding that you operate the Designated Site and that it is, therefore, under your control. For the purposes of this letter, “Malware” means any software applications or executables that perform actions unanticipated by and without the consent of the person running the software. Malware is distributed via many mechanisms including, but not limited to: email attachments; content injection such as cross site scripting; exploiting security vulnerabilities in operating systems and other software; and/or insertion into downloadable software. Malware is designed, among other things, to misappropriate personal data in order to engage in fraudulent transactions using that data, and/or to compromise and co-opt an end-user’s networked computer; all for the purpose of performing illegal or improper acts such as misappropriating funds; carrying out denial of service attacks; and sending unsolicited mass emails. For your information, we have analyzed the specific Malware and enclose a file, which includes: * Malware name: Ransom * Description:Ransomware is computer malware which holds a computer system, or the data it contains, hostage against its user by demanding a ransom for its restoration. http://www.symantec.com/connect/node/1618951 * http://5n7y4yihirccftc5.tor2web.org/ This file also details the method by which it appears that the Malware is downloaded to a victim’s computer. In this instance, it is our belief that the specific purpose of the Malware is to misappropriate account credentials and identity information from the customers of one or more financial institutions in order to access their bank accounts fraudulently. Therefore, we request that you immediately take all actions necessary to disable and remove this Malware from the Designated Site. We specifically would ask that you also take the following actions: Please provide us with a tar/zip file of all the content located under the Malware's path (including hidden files), so that we may analyze it to help prevent further attacks. If any customer data has been captured that is stored on your systems or equipment, please send us that data so that the customers to whom that data relates can be notified and take steps to protect their credit. Please provide a copy of any records you maintain that indicate the name, contact information, method of payment or similar information that may be useful in helping learn about the identity and location of the customer for whom the website has been operated. We would appreciate your email confirmation that the source of the Malware infection has been disabled. We understand that you may not be aware of the above described improper use of the Designated Site and we thank you for your cooperation in the prevention of fraudulent online activity. The foregoing is without prejudice to any and all rights and remedies of any financial institution impacted by the improper use of the Designated Site, which rights and remedies are hereby expressly reserved. If you need further information, please do not hesitate to contact RSA at the numbers below. Sincerely, RSA SECURITY INC. RSA Anti-Fraud Command Center Tel: +44 (0)800-032-7751 (UK) Tel: +1-866-408-7525 (US) E-mail: a...@rsa.com *** Regards Sol .O * Compliance Officer * Tucows Inc 96 Mowat Ave * Toronto * ON * M6K 3M1 complia...@tucows.com [image: Tucows] <http://tucowsdomains.com> This email is a service from Tucows Inc - Compliance. [JOVOXE-XZ31]
_______________________________________________ Tor2web-talk mailing list Tor2web-talk@lists.tor2web.org https://lists.ghserv.net/mailman/listinfo/tor2web-talk
