'[Emerging-Sigs] Mass File Injection Attack From Russia With Zlob'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       emerging-sigs
Subject:    [Emerging-Sigs] Mass File Injection Attack From Russia With Zlob
From:       jart351 () googlemail ! com (Jart Armin)
Date:       2008-05-13 0:32:16
Message-ID: 66fee9cd0805121732n18a0e565s395a0757914c9a18 () mail ! gmail ! com
[Download RAW message or body]

Jim & Co.

Great find  re; HaCKeD By BeLa & BodyguarD  - should add = it's a
fraud / con! - i.e.

Not the real Turkish, (anti French / anti US crew) e.g. iskorpitx & co
 = web site defacers! They are philosophically against exploits / RBN,
not for sale or hire, but they hold the record for 2,000 web site
defacements within 1 hour, inc., MSN and AOL.

According to Eurasian hack / crack insiders this is effort to
discredit the Turks, and usefully this may get some off the fence.
This is actually all being directed out of the Ukraine, for receptor
sites, 5tka com = forum and ID trading

217.199.216.0-217.199.219.255 QL-LAN-LL1 Leased-line customers
<<217.199.217.8 svb.kiev.ua >>217.199.217.10 svu.com.ua
217.199.208.0/20 JSC QUICKLINE
AS34221 QL AS JSC QUICKLINE Autonomous System Moscow Russia
217.199.216.0-217.199.219.255 QL-LAN-LL1 Leased-line customers
217.199.217.9
HTTP:UcoZXSrv/1.4.2
SMTP:220 s9.ucoz.ru ESMTP Postfix
DNS	*.moy.su		A		
3cbenefit.com		A		
5tka.com		A		
avtolubitelu.com		A		
cekcportal.com		A		
is-studio.com		A		
ivanovs.org.ua		A		
rapgames.net		A		
s9.ucoz.ru	PTR	A		
warriorsoflight.ru		A		
www.rapgames.net		A		
xprmn4u.info		A		

217.199.216.0-217.199.219.255 QL-LAN-LL1 Leased-line customers
<<217.199.217.9 xprmn4u.info >>217.199.217.11 idea2000.com.ua
217.199.208.0/20 JSC QUICKLINE
AS34221 QL AS JSC QUICKLINE Autonomous System Moscow Russia
217.199.216.0-217.199.219.255 QL-LAN-LL1 Leased-line customers
217.199.217.10
HTTP:UcoZXSrv/1.4.2
SMTP:220 s10.ucoz.ru ESMTP Postfix 	1shans.com		A		
bratus.com.ua		A		
buytovar.com		A		
euroopt.com		A		
fotoncenter.com		A		
hidden.kiev.ua		A		
icc-gag.com		A		
mega-tuner.com		A		
mss-webstudio.com		A		
s10.ucoz.ru	PTR	A		
sportline.kiev.ua		A		
sr-team.com		A		
studiya-professional.com		A		
svu.com.ua		A		
trancepeople.com		A		
uten03.ru		A		
vishivaem.com		A		
zamok.at.ua		A		



Jart




On Mon, May 12, 2008 at 3:33 PM, James McQuaid <jim.mcquaid at gmail.com> wrote:
> Some of the sites containing the xprmn4u.info injection also include
>  "HaCKeD By BeLa & BodyguarD".  If you do a corresponding Google
>  search, you will see that they have been very busy.
>
>
>
>  --
>  James McQuaid
>  http://www.jamesmcquaid.com
>

[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic