Jump to content
Sign in to follow this  
Followers 0
goldeneye

Spamvertized links from apparent botnet??? at 87.239.156.0/24

By goldeneye, in SpamCop Lounge

Recommended Posts

goldeneye    0

goldeneye
Posted

This week alone, I've been getting hit with at least two dozen spamvertized links from an apparent botnet in the 87.239.156.0/24 range (located in Bulgaria)...

http://www.spamcop.net/sc?id=z5880145661z6...c561125266ab57z

http://www.spamcop.net/sc?id=z5880145346z2...2b1098cd9b1955z

http://www.spamcop.net/sc?id=z5880134197z7...3761750eb14831z

http://www.spamcop.net/sc?id=z5880133926z3...298697136c06b8z

http://www.spamcop.net/sc?id=z5880133838zd...42f6c219f982cfz

http://www.spamcop.net/sc?id=z5880133661z5...16f54a0d9eae9dz

http://www.spamcop.net/sc?id=z5880096245zf...dbcfb9347cd114z

http://www.spamcop.net/sc?id=z5880095907z2...d1e9d7260bc3f5z

http://www.spamcop.net/sc?id=z5879984020z4...f49615e7a46fdcz

http://www.spamcop.net/sc?id=z5879887574z1...365d27ca509bc4z

http://www.spamcop.net/sc?id=z5879615043z7...31e7b21d6defbcz

http://www.spamcop.net/sc?id=z5877928448za...f13b9c12feca29z

http://www.spamcop.net/sc?id=z5876873845z3...6e933103889008z

http://www.spamcop.net/sc?id=z5876731993z7...d83bed804e4559z

http://www.spamcop.net/sc?id=z5876529309z9...a71f4f471e62b2z

http://www.spamcop.net/sc?id=z5874861169z1...9bc182aad1d813z

http://www.spamcop.net/sc?id=z5874339058z6...a0711e5a6af332z

http://www.spamcop.net/sc?id=z5874339056zf...76c23e041e7c75z

http://www.spamcop.net/sc?id=z5874337416z8...b14eb3c41074acz

http://www.spamcop.net/sc?id=z5874337307zd...5d01d7abff66b8z

http://www.spamcop.net/sc?id=z5874334112zb...8b269401aa5d8ez

http://www.spamcop.net/sc?id=z5874334110z0...8419ed5b409befz

http://www.spamcop.net/sc?id=z5871263934ze...6044bd2ea3d021z

http://www.spamcop.net/sc?id=z5871263933z7...42b2eddfc03ca9z

So far, the spamvertized IP's are:

87.239.156.99

87.239.156.100

87.239.156.101

87.239.156.102

87.239.156.114

87.239.156.118

87.239.156.121

87.239.156.123

87.239.156.126

Are we dealing with a potential botnet here?

Share this post

Link to post
Share on other sites

alvarnell    0

alvarnell
Posted
Are we dealing with a potential botnet here?
I believe the source of the majority of spam these days is from botnets.

Share this post

Link to post
Share on other sites

petzl    0

petzl
Posted

This week alone, I've been getting hit with at least two dozen spamvertized links from an apparent botnet in the 87.239.156.0/24 range (located in Bulgaria)...

So far, the spamvertized IP's are:

87.239.156.99

87.239.156.100

87.239.156.101

87.239.156.102

87.239.156.114

87.239.156.118

87.239.156.121

87.239.156.123

87.239.156.126

Are we dealing with a potential botnet here?

None are listed by CBL?

cert[at]govCERT.bg

is the reporting address for Bulgaria

The email servers seems USA/Canada

spam[at]uce.gov usa

Forward as attachment to Cert addresses (not sure of Canadas)

Write comments in the body of Forwarded message

Share this post

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  
Followers 0
Go To Topic Listing SpamCop Lounge
×