[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Operation Ghost Click

Subject: Operation Ghost Click
From: andrew.fried at gmail.com (Andrew Fried)
Date: Thu, 26 Apr 2012 17:56:01 -0400
In-reply-to: <[email protected]>
References: <[email protected]>, <CA+qj4S_My6SMjpgKo0jur962=TCsf94tZBsRGDPCo+ky0SgtuQ@mail.gmail.com> <[email protected]>

I suggest you reach out to Shadowserver or Team Cymru if you're a
netblock owner.  They can provide daily reports of infected IPs.

Andy

Andrew Fried
andrew.fried at gmail.com

On 4/26/12 5:50 PM, Leigh Porter wrote:
> 
> On 26 Apr 2012, at 22:47, "Andrew Latham" <lathama at gmail.com<mailto:lathama at gmail.com>> wrote:
> 
> On Thu, Apr 26, 2012 at 5:38 PM, Jeroen van Aart <jeroen at mompl.net<mailto:jeroen at mompl.net>> wrote:
> 
> Yes its a major problem for the users unknowingly infected.  To them
> it will look like their Internet connection is down.  Expect ISPs to
> field lots of support s
> 
> Is there a list of these temporary servers so I can see what customers are using them (indicating infection) and head off a support call with some contact?
> 
> --
> Leigh
> 
> 
> ______________________________________________________________________
> This email has been scanned by the Symantec Email Security.cloud service.
> For more information please visit http://www.symanteccloud.com
> ______________________________________________________________________

References:
- Operation Ghost Click
  - From: jeroen at mompl.net (Jeroen van Aart)
- Operation Ghost Click
  - From: lathama at gmail.com (Andrew Latham)
- Operation Ghost Click
  - From: leigh.porter at ukbroadband.com (Leigh Porter)

Prev by Date: Operation Ghost Click
Next by Date: Operation Ghost Click
Previous by thread: Operation Ghost Click
Next by thread: Operation Ghost Click
Index(es):
- Date
- Thread