Avast community forum
Home
Help
Search
Login
Register
Avast WEBforum
»
Other
»
Viruses and worms
(Moderators:
Maxx_original
,
misak
) »
IDS alert -> ET CURRENT_EVENTS DNS Query to a .tk domain - Likely Hostile
« previous
next »
Print
Pages: [
1
]
Go Down
Author
Topic: IDS alert -> ET CURRENT_EVENTS DNS Query to a .tk domain - Likely Hostile (Read 3287 times)
0 Members and 1 Guest are viewing this topic.
polonus
Avast Überevangelist
Probably Bot
Posts: 34066
malware fighter
IDS alert -> ET CURRENT_EVENTS DNS Query to a .tk domain - Likely Hostile
«
on:
July 17, 2013, 11:54:32 PM »
See:
http://urlquery.net/report.php?id=1
See:
https://www.virustotal.com/en/ip-address/93.170.52.31/information/
Resolution failed:
http://hosts-file.net/default.asp?s=93.170.52.31
bad host within two weeks saw 716 appearance(s) in spam e-mail or spam post urls
Both co.cc and t.k are very scam sensitive, co.cc is blocked and .tk is not?
Well, dot.tk and .co.cc domains are two of the most abused services. (APWG Global Phishing Survey 2H2010)
Info ten hosting forum Chris S, ->
https://dazzlepod.com/ip/93.170.52.31/
(media processing device there)
owned by see:
http://www.mywot.com/en/scorecard/dragonara.net?utm_source=addon&utm_content=popup-donuts
Bulletproof server and rogue ISP dedicated to provide traffic for cybercriminals: phishers, spammers
automatic spamming tools mainly.....
Only positive mention was Лучший антиддос хостинг/щит. + Антиабуз (remark on the antidos hosting protection shield)
polonus
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.
Use NoScript, a limited user account and a virtual machine and be safe(r)!
polonus
Avast Überevangelist
Probably Bot
Posts: 34066
malware fighter
Re: IDS alert -> ET CURRENT_EVENTS DNS Query to a .tk domain - Likely Hostile
«
Reply #1 on:
July 18, 2013, 12:00:34 AM »
Read about this big dragonara scammers network here:
http://www.talkgold.com/forum/showthread.php?t=251873&page=2
from forum poster = Tdinoz
and here:
http://www.forumpostersunion.com/showthread.php?t=5071
link author Anthony Cea
polonus
«
Last Edit: July 18, 2013, 12:11:51 AM by polonus
»
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.
Use NoScript, a limited user account and a virtual machine and be safe(r)!
Print
Pages: [
1
]
Go Up
« previous
next »
Avast WEBforum
»
Other
»
Viruses and worms
(Moderators:
Maxx_original
,
misak
) »
IDS alert -> ET CURRENT_EVENTS DNS Query to a .tk domain - Likely Hostile