Educause Security Discussion mailing list archives
Re: malware in images
From: Jordan Wiens <numatrix () UFL EDU>
Date: Thu, 24 Jun 2004 13:34:39 -0400
On Thu, 24 Jun 2004, Brian Eckman wrote:
Kathy Bergsma wrote:64.46.100.96 65.254.51.42 66.98.190.22 67.15.42.34 67.18.79.20 69.50.170.214 69.93.54.158 81.211.105.24 195.208.235.66 207.150.192.12 213.159.117.131Am I mistaken, or is that just a list of IP addresses that have at least one Web site on them that is exploiting the unpatched IE flaw outlined at http://62.131.86.111/analysis.htm ?
You're not mistaken, that's correct.
What Doug is reporting is that a bunch of legitimate Web sites were hacked and had a specific piece of malware installed on them that pointed users to a specific URL. This means users visiting "legitimate" sites are being exploited, which is significant news. The other IP addresses have Web sites on them that are not what I would call "legitimate", and are typically getting people to visit them via Spam.
Absolutely. That list was just an fyi about the issue in general, not about those legitimate sites that have been compromised, thanks for the clarification. -- Jordan Wiens, CISSP UF Network Security Engineer (352)392-2061 ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/cg/.
Current thread:
- malware in images Doug Pearson (Jun 23)
- <Possible follow-ups>
- Re: malware in images Doug Pearson (Jun 24)
- Re: malware in images Kathy Bergsma (Jun 24)
- Re: malware in images Brian Eckman (Jun 24)
- Re: malware in images Jordan Wiens (Jun 24)
- Re: malware in images Jeff Kell (Jun 24)