[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] Georgia government sites hacked (and spreadingmalware)

To: <full-disclosure@xxxxxxxxxxxxxxxxx>
Subject: Re: [Full-disclosure] Georgia government sites hacked (and spreadingmalware)
From: "Boris Trenn" <bt@xxxxxxxxxxx>
Date: Mon, 15 Feb 2010 16:58:28 +0100

Looks like the still work on it, meanwhile only the batik.php is avail.
Or something other deleted it with the phpshell inside :-)

-----Original Message-----
From: full-disclosure-bounces@xxxxxxxxxxxxxxxxx
[mailto:full-disclosure-bounces@xxxxxxxxxxxxxxxxx] On Behalf Of
dd@xxxxxxxxxx
Sent: Montag, 15. Februar 2010 16:27
To: full-disclosure@xxxxxxxxxxxxxxxxx
Subject: [Full-disclosure] Georgia government sites hacked (and
spreadingmalware)

A few sites from the Georgia .gov have been attacking our honeypots...

Some analysis:
http://blog.sucuri.net/2010/02/georgia-government-sites-hacked-and.html

Thanks,

--dd

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Prev by Date: [Full-disclosure] Georgia government sites hacked (and spreading malware)
Next by Date: [Full-disclosure] Drupal Twitter Module Credential Exposure
Previous by thread: Re: [Full-disclosure] Georgia government sites hacked (and spreading malware)
Next by thread: [Full-disclosure] Drupal Twitter Module Credential Exposure
Index(es):
- Date
- Thread