goldeneye Posted April 17, 2014 Posted April 17, 2014 This week alone, I've been getting hit with at least two dozen spamvertized links from an apparent botnet in the 87.239.156.0/24 range (located in Bulgaria)... http://www.spamcop.net/sc?id=z5880145661z6...c561125266ab57z http://www.spamcop.net/sc?id=z5880145346z2...2b1098cd9b1955z http://www.spamcop.net/sc?id=z5880134197z7...3761750eb14831z http://www.spamcop.net/sc?id=z5880133926z3...298697136c06b8z http://www.spamcop.net/sc?id=z5880133838zd...42f6c219f982cfz http://www.spamcop.net/sc?id=z5880133661z5...16f54a0d9eae9dz http://www.spamcop.net/sc?id=z5880096245zf...dbcfb9347cd114z http://www.spamcop.net/sc?id=z5880095907z2...d1e9d7260bc3f5z http://www.spamcop.net/sc?id=z5879984020z4...f49615e7a46fdcz http://www.spamcop.net/sc?id=z5879887574z1...365d27ca509bc4z http://www.spamcop.net/sc?id=z5879615043z7...31e7b21d6defbcz http://www.spamcop.net/sc?id=z5877928448za...f13b9c12feca29z http://www.spamcop.net/sc?id=z5876873845z3...6e933103889008z http://www.spamcop.net/sc?id=z5876731993z7...d83bed804e4559z http://www.spamcop.net/sc?id=z5876529309z9...a71f4f471e62b2z http://www.spamcop.net/sc?id=z5874861169z1...9bc182aad1d813z http://www.spamcop.net/sc?id=z5874339058z6...a0711e5a6af332z http://www.spamcop.net/sc?id=z5874339056zf...76c23e041e7c75z http://www.spamcop.net/sc?id=z5874337416z8...b14eb3c41074acz http://www.spamcop.net/sc?id=z5874337307zd...5d01d7abff66b8z http://www.spamcop.net/sc?id=z5874334112zb...8b269401aa5d8ez http://www.spamcop.net/sc?id=z5874334110z0...8419ed5b409befz http://www.spamcop.net/sc?id=z5871263934ze...6044bd2ea3d021z http://www.spamcop.net/sc?id=z5871263933z7...42b2eddfc03ca9z So far, the spamvertized IP's are: 87.239.156.99 87.239.156.100 87.239.156.101 87.239.156.102 87.239.156.114 87.239.156.118 87.239.156.121 87.239.156.123 87.239.156.126 Are we dealing with a potential botnet here?
alvarnell Posted April 17, 2014 Posted April 17, 2014 Are we dealing with a potential botnet here?I believe the source of the majority of spam these days is from botnets.
petzl Posted April 17, 2014 Posted April 17, 2014 This week alone, I've been getting hit with at least two dozen spamvertized links from an apparent botnet in the 87.239.156.0/24 range (located in Bulgaria)... So far, the spamvertized IP's are: 87.239.156.99 87.239.156.100 87.239.156.101 87.239.156.102 87.239.156.114 87.239.156.118 87.239.156.121 87.239.156.123 87.239.156.126 Are we dealing with a potential botnet here? None are listed by CBL? cert[at]govCERT.bg is the reporting address for Bulgaria The email servers seems USA/Canada spam[at]uce.gov usa Forward as attachment to Cert addresses (not sure of Canadas) Write comments in the body of Forwarded message
Recommended Posts
Archived
This topic is now archived and is closed to further replies.