To report a botnet PRIVATELY please email: [EMAIL PROTECTED] ---------- On Thu, 21 Sep 2006, Alavan wrote: > To report a botnet PRIVATELY please email: [EMAIL PROTECTED] > ---------- > Thanks Gadi. I hadn't been checking my [botnet] box, so I missed the > discussion. My apologies. Lots of good info there. I just found it bizarre > that we began getting flooded for about 2 hours and then it tapered off to > almost nothing. I wonder what website/e-mail they're all visiting/clicking > on that's getting them in trouble.....if I get any info on this, I'll > forward it. > > Tomorrow morning, I'll be cleaning a customer's PC that was infected. I may > or may not get further information. > > The symptoms were IE closing right after opening. Disabling "Enable 3rd > party browser extensions" allows IE to run properly. Another post states > that disabling Javascripting does the same. > > We had probably several hundred trends (customer support reps trending their > issue with the customer) between 3:30pm and 5:00pm PST and then it started > tapering off.
Other ISPs are also reporting massive floods of their tech support lines. The hours can be explained by "leaving work" and going home, but I am not sure. > > Alavan > > > ----- Original Message ----- > From: "Elia Florio" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Sent: Thursday, September 21, 2006 5:49 PM > Subject: Re: [botnets] Possible zero-day exploit? > > > > Your symptoms look very similar to the recent VML 0day exploit for IE. > > Any sample/page to submit? Any URL to analyze? > > > > EF > > > > ----- Original Message ----- > > From: "Alavan" <[EMAIL PROTECTED]> > > To: <[email protected]> > > Sent: Friday, September 22, 2006 2:22 AM > > Subject: [botnets] Possible zero-day exploit? > > > > > >> To report a botnet PRIVATELY please email: [EMAIL PROTECTED] > >> ---------- > >> I work at a Tier 1 ISP (Cox Communications). We are getting slammed with > >> customers calling regarding IE closing right after opening (thousands of > >> calls). Normally this is virus related. I have to look at a machine to > >> see what's going on.... > >> > >> If anyone hears anything...... > >> > >> Regards, > >> > >> Alavan > >> _______________________________________________ > >> To report a botnet PRIVATELY please email: [EMAIL PROTECTED] > >> All list and server information are public and available to law > >> enforcement upon request. > >> http://www.whitestar.linuxbox.org/mailman/listinfo/botnets > >> > > > > > > _______________________________________________ > To report a botnet PRIVATELY please email: [EMAIL PROTECTED] > All list and server information are public and available to law enforcement > upon request. > http://www.whitestar.linuxbox.org/mailman/listinfo/botnets > _______________________________________________ To report a botnet PRIVATELY please email: [EMAIL PROTECTED] All list and server information are public and available to law enforcement upon request. http://www.whitestar.linuxbox.org/mailman/listinfo/botnets
