Request for info, IPs, exploit examples on PDF mailto documents

Published: 2007-10-26
Last Updated: 2007-10-27 02:38:10 UTC
by Adrien de Beaupre (Version: 3)
0 comment(s)

Hi all,

we are looking for examples of the PDFs being sent out, snort signatures, the IP addresses sending them out, the IP addresses they download malware from, and examples of the malware.

Please upload here:

Adrien de Beaupré
Bell Canada

UPDATE:  Thanks all for the examples for the pdf's.  Please be sure and submit some IP addresses for the controllers, if you have anymore.   I've been told that Snort rules have been created by Sourcefire's VRT team.  They are subscription only.

Joel Esler

0 comment(s)


Diary Archives