Emotet malware distribution @195.208.1.108 [compromise website]

The host at this IP address is hosting a website that have been compromised by threat actors to distribute Emotet (aka Heodo) malware. The following URL is hosting a webshell that is being accessed by the threat actors programmatically to place malware on the website:

URL: http://www.mss2.ru/wp-content/uploads/2013/09/JST10x.php
Host: www.mss2.ru
IP address: 195.208.1.108
Hostname: std-carp8-http.nic.ru

Опубликовано
В рубрике nic.ru

Добавить комментарий

Ваш адрес email не будет опубликован.