This IP is a part one of a bot seeder...using a browser insert to cause you flash player to crash. When it does, the seeder redirects your site to a phoney but realistic looking Adobe page prompting you to download a replacement player.
The attack:
The attack pulls a snmp attack through port 443 of your browser.
Photos courtescy of Doc.
No comments:
Post a Comment