RBN: 'I See Alive IFRAMEs Everywhere' - UPDATE
During the weekend, the entire Newsland.ru which is among the most popular Russian news portals, was marked as as "this site may harm your computer" by StopBadware.org due to an IFRAME embedded link pointing to where else if not to the RBN.More here.
Considering that each and every embedded malware attack during 2007 that I assessed in previous posts, had something to do with the RBN in the form of a single RBN IP which was used in numerous malicious activities all at once, different sites get embedded with it, blackhat SEO postings at different forums etc. in this one the parties behind the attack dedicated a special IP with what looks like as a clean IP reputation.
Note: Oddly enough, IP prefixes from RBN strangely disappeared from the global routing system today... stay tuned. - ferg
posted by Fergie @ 11/06/2007 06:47:00 PM
0 Comments:
Post a Comment
<< Home