MySpaceからのメッセージを騙るスパム - report.htm
Published: 2012/06/12
観測日: 2012/6/11
通数: 100通/day
手法: 誘導URL型
目的: マルウェア感染
特徴:
サイトに設置されるスクリプトファイルのファイル名が「report.htm」
文面。spaceの文字が抜けてますが。
文中のURL。wordpress系ですね。
http://fireeu.cric-projects.com/wp-content/themes/default/report.htm http://www.mobicommz.com/wp-content/plugins/google-sitemap-generator/report.htm http://www.sleepandmeditation.com/wp-content/plugins/google-sitemap-generator/report.htm http://www.sophieluk.cn/wp-content/themes/fancy/report.htm http://www.texastrophywildlife.com/wp-content/plugins/report.htm http://yourq4success.com/wp-content/themes/leaving/report.htm http://www.sitarcresta.co.za/modules/mod_wdbanners/report.htm http://www.sj-arifin.com/wp-content/themes/deserted/report.htm http://www.weddingdealstoday.com/wp-content/themes/classic/report.htm http://free-online-business.net/wp-content/plugins/report.htm http://giggoals.com/wp-content/themes/bukowski/report.htm http://indiancostumes.org/wp-content/plugins/wp-to-twitter/report.htm http://rose-island-bahamas.com/wp-content/themes/default/report.htm http://wordpressexperience.com/wp-content/plugins/report.htm http://www.kmlhomewares.com/wp-content/plugins/all-in-one-slideshow/report.htm http://www.koreagamewatch.com/wp/wp-content/uploads/report.htm http://www.neatylee.com/wp-content/plugins/akismet/report.htm http://www.ottzen.com/wp-content/themes/classic/report.htm http://www.pascalverbeke.be/wp-content/themes/45degrees/report.htm http://www.rvgsigns.com/wp-content/plugins/polldaddy/report.htm http://www.uipodcast.com/wp-content/themes/default/report.htm http://yash.cmyevents.com/wp-content/themes/twentyten/report.htm
domain | IP | 逆引き | AS | AS Name | country | |
---|---|---|---|---|---|---|
www.sitarcresta.co.za | 196.38.40.153 | mustafa.aserv.co.za. | 3741 | IS | SouthAfrica | |
www.koreagamewatch.com | 222.122.86.218 | NONE | 4766 | KIXS-AS-KR_Korea_Telecom | Korea | Republic |
www.kmlhomewares.com | 220.233.8.179 | 179.8.233.220.static.exetel.com.au. | 10143 | EXETEL-AS-AP_Exetel_Pty_Ltd | Australia | |
fireeu.cric-projects.com | 82.223.160.93 | mwwc933.servidoresdns.net. | 20718 | AS_ARSYS-EURO-1_arsys.es | Spain | |
free-online-business.net | 174.120.149.98 | gator1024.hostgator.com. | 21844 | THEPLANET-AS_-_ThePlanet.com_Internet_Services_Inc. | UnitedStates | |
rose-island-bahamas.com | 174.132.156.252 | fc.9c.84ae.static.theplanet.com. | 21844 | THEPLANET-AS_-_ThePlanet.com_Internet_Services_Inc. | UnitedStates | |
wordpressexperience.com | 174.132.76.170 | aa.4c.84ae.static.theplanet.com. | 21844 | THEPLANET-AS_-_ThePlanet.com_Internet_Services_Inc. | UnitedStates | |
www.sleepandmeditation.com | 174.120.116.221 | dd.74.78ae.static.theplanet.com. | 21844 | THEPLANET-AS_-_ThePlanet.com_Internet_Services_Inc. | UnitedStates | |
yourq4success.com | 174.120.155.124 | 7c.9b.78ae.static.theplanet.com. | 21844 | THEPLANET-AS_-_ThePlanet.com_Internet_Services_Inc. | UnitedStates | |
www.uipodcast.com | 74.80.8.13 | 74-80-8-13.MALL.stat.lusfiber.net. | 25921 | LAF-CONSOLIDATED-GOV_-_Lafayette_Consolidated_Government | UnitedStates | |
giggoals.com | 174.127.106.167 | slmp-550-12.slc.westdc.net. | 29854 | WESTHOST_-_WestHost_Inc. | UnitedStates | |
www.sj-arifin.com | 208.43.165.48 | 208.43.165.48-static.reverse.softlayer.com. | 36351 | SOFTLAYER_-_SoftLayer_Technologies_Inc. | UnitedStates | |
www.weddingdealstoday.com | 96.125.162.102 | NONE | 36351 | SOFTLAYER_-_SoftLayer_Technologies_Inc. | UnitedStates | |
yash.cmyevents.com | 96.125.164.29 | NONE | 36351 | SOFTLAYER_-_SoftLayer_Technologies_Inc. | UnitedStates | |
www.pascalverbeke.be | 87.238.162.72 | vz14.stone-is.net. | 39234 | STONE-IS_Stone_Internet_Services_bvba | Belgium | |
indiancostumes.org | 66.147.244.129 | box829.bluehost.com. | 46606 | BLUEHOST-AS-2_-_Bluehost_Inc. | UnitedStates | |
www.mobicommz.com | 70.40.215.42 | 70-40-215-42.hostmonster.com. | 46606 | BLUEHOST-AS-2_-_Bluehost_Inc. | UnitedStates | |
www.neatylee.com | 69.195.78.39 | 69-195-78-39.bluehost.com. | 46606 | BLUEHOST-AS-2_-_Bluehost_Inc. | UnitedStates | |
www.rvgsigns.com | 69.89.27.224 | box224.bluehost.com. | 46606 | BLUEHOST-AS-2_-_Bluehost_Inc. | UnitedStates | |
www.sophieluk.cn | 69.89.27.228 | box228.bluehost.com. | 46606 | BLUEHOST-AS-2_-_Bluehost_Inc. | UnitedStates | |
www.texastrophywildlife.com | 69.89.20.49 | box49.bluehost.com. | 46606 | BLUEHOST-AS-2_-_Bluehost_Inc. | UnitedStates |
by jyake