nanog mailing list archives
Re: SkypeSetup Rogue Download
From: Rubens Kuhl <rubensk () gmail com>
Date: Mon, 20 Apr 2009 00:32:21 -0300
Could be a local trojan inserting bogus entries on the hosts file, could be DNS poisoning on one particular resolver, or an infection on the distribution source. Rubens On Sun, Apr 19, 2009 at 5:55 PM, Mari Nichols <mari () imarsolutions com> wrote:
I believe the file is originating directly from Skype. Our writer stated that he had tried download.com's version and it was clean against VT. I'm on ISC handler duty today, just wondering if anyone had seen this happening. Mari Nichols HoD ________________________________ From: Paul Ferguson <fergdawgster () gmail com> To: Mari Nichols <mari () imarsolutions com> Sent: Sunday, April 19, 2009 4:31:06 PM Subject: Re: SkypeSetup Rogue Download -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Sun, Apr 19, 2009 at 12:55 PM, Mari Nichols <mari () imarsolutions com> wrote:Has anyone seen anything like this? http://www.virustotal.com/analisis/f58203f8d5cb98628eaa785e27c9e059Hi, Could you provide the URL where that file is located? Thanks, - - ferg -----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.5.3 (Build 5003) wj8DBQFJ64oEq1pz9mNUZTMRAs4MAJ9x8vwDJzMEnci72jEK7hNEd2NmdQCfRUgE B4Se4ZXdcTaoT4h1SHfmC4Q= =wXNG -----END PGP SIGNATURE----- -- "Fergie", a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawgster(at)gmail.com ferg's tech blog: http://fergdawg.blogspot.com/
Current thread:
- SkypeSetup Rogue Download Mari Nichols (Apr 19)
- Message not available
- Re: SkypeSetup Rogue Download Mari Nichols (Apr 19)
- google noc John Martinez (Apr 19)
- Re: google noc Matthew Moyle-Croft (Apr 19)
- Re: SkypeSetup Rogue Download Rubens Kuhl (Apr 19)
- Re: SkypeSetup Rogue Download Mari Nichols (Apr 19)
- Message not available