Security Incidents mailing list archives
Re: Backdoor-CGT
From: Mike Barushok <barushok () keycreations com>
Date: Thu, 15 Jul 2004 21:34:15 -0500 (CDT)
Here is what I came up with:

genmexe.biz.      NS  ns1.machinenamez.biz.
genmexe.biz.      NS  ns2.machinenamez.biz.
genmexe.biz.      A   219.129.216.227
*.genmexe.biz.    A   219.129.216.227
ns1.genmexe.biz.  A   219.129.216.227
ns2.genmexe.biz.  A   219.129.216.235
www.genmexe.biz.  A   219.129.216.227

-And-

inetnum:    219.128.0.0 - 219.137.255.255
netname:    CHINANET-GD
descr:      CHINANET Guangdong province network
descr:      Data Communication Division
descr:      China Telecom
country:    CN
admin-c:    CH93-AP
tech-c:     WM12-AP
mnt-by:     MAINT-CHINANET
mnt-lower:  MAINT-CHINANET-GD
changed:    hostmaster () ns chinanet cn net 20020424
status:     ALLOCATED PORTABLE
source:     APNIC

person:     Chinanet Hostmaster
address:    No.31 ,jingrong street,beijing
address:    100032
country:    CN
phone:      +86-10-66027112
fax-no:     +86-10-58501144
e-mail:     hostmaster () ns chinanet cn net
e-mail:     anti-spam () ns chinanet cn net
nic-hdl:    CH93-AP
mnt-by:     MAINT-CHINANET
changed:    hostmaster () ns chinanet cn net 20021016
remarks:    hostmaster is not for spam complaint,please send spam complaint to anti-spam () ns chinanet cn net
source:     APNIC

person:     WU MIAN
address:    NO.1,RO.DONGYUANHENG,YUEXIUNAN,GUANGZHOU
country:    CN
phone:      +086-20-83877223
fax-no:     +86-20-83877223
e-mail:     ipadm () gddc com cn
nic-hdl:    WM12-AP
mnt-by:     MAINT-CHINANET-GD
changed:    ipadm () gddc com cn 20010820
source:     APNIC

On 15 Jul 2004 securityguy () dslextreme com wrote:
McAfee, and several news outlets, are reporting the spread of this trojan horse. Info at
http://us.mcafee.com/virusInfo/default.asp?id=description&virus_k=126681

One of the entries at McAfee is that blocking genmexe.biz prevents downloading the trojan. Has anyone seen an ip address for this url?

- SG
--
Mike Barushok
Senior Security Administrator
KeyCreations.com/KCISP.net/ispKansas.com