Avast community forum
Home
Help
Search
Login
Register
Avast WEBforum
»
Other
»
Viruses and worms
(Moderators:
Maxx_original
,
misak
) »
Malaysian phishing site also engaged in spamming...
« previous
next »
Print
Pages: [
1
]
Go Down
Author
Topic: Malaysian phishing site also engaged in spamming... (Read 1658 times)
0 Members and 1 Guest are viewing this topic.
polonus
Avast Überevangelist
Probably Bot
Posts: 33895
malware fighter
Malaysian phishing site also engaged in spamming...
«
on:
September 27, 2012, 09:03:52 PM »
See:
http://zulu.zscaler.com/submission/show/49129fbb5c18766f09e3fba769d54db2-1348771205
mali server there at IP:
http://www.reversemx.com/mx/mail2.jendela.biz/
spotted at projecthoneypot 1 week ago:
http://www.projecthoneypot.org/ip_42.1.60.146
(registered since 2011)
blocked by google safebrowsing:
http://203.154.18.120/.na/.7/?https://www.nwolb.com/default.aspx?refererident=A2B27C80DB36139B13A59AD0AA79D84E23B04A24&cookieid=6680&noscr=false&CookieCheck=2012-09-26T07:49:55
polonus
As we would have a protocol where all non-malicious sites would need authorization, we could easily ruin spam and malware campaigns from the start on.
This could be achieved on a request response protocol basis, somewhat like DNS, and the non-suspicious status could be checked against a central authority that was being fed with all the information on the baddies from all sorts of anti-malware resources. Sources that have loads and loads of info on the baddies.
So no malicious website/hoster/server could escape the sinkhole or they had to meet the standards of the central authorities. This idea was launched by Roger Grimes a Security Adviser. Shall we see it implimented in our days?
D
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.
Use NoScript, a limited user account and a virtual machine and be safe(r)!
Pondus
Probably Bot
Posts: 37527
Not a avast user
Re: Malaysian phishing site also engaged in spamming...
«
Reply #1 on:
September 27, 2012, 09:27:43 PM »
Listed at hpHosts
http://hosts-file.net/default.asp?s=http%3A%2F%2Fjendela.biz%2F.n%2F
and PhishTank ....meaning those using openDNS is protected
http://www.phishtank.com/phish_detail.php?phish_id=1574169
Logged
Print
Pages: [
1
]
Go Up
« previous
next »
Avast WEBforum
»
Other
»
Viruses and worms
(Moderators:
Maxx_original
,
misak
) »
Malaysian phishing site also engaged in spamming...