Threat Level: green Handler on Duty: Jan Kopriva

SANS ISC: InfoSec Handlers Diary Blog - SANS Internet Storm Center InfoSec Handlers Diary Blog

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Swine Flu (Mexican Flu) related domains

Published: 2009-04-27
Last Updated: 2009-04-28 00:07:25 UTC
by Johannes Ullrich (Version: 1)
0 comment(s)

This is a first cut of a list of "Swine Flu" related domains. In Europe, this flu is usually refered to as "Mexican Flu". Right now none of the domains is spreading  malware or running donation scams. One appears to seel questionable pharmaceuticals ( The rest are either just parked, or offer some kind of information and may try to make some money with Google ads. Lots of the "information" is very minimal/incomplete/hype, but this classification is beyond a quick scan of the content.

Please let us know if you come across anything of interest. (use our contact page)

The list comes from Bojan's passive DNS system. (he will talk about this at SANSFIRE in June... don't miss it ).			links to birdflu site (google ads)		under construction			same as			same as			info site (google ads)		info site (google ads)			info site (google ads)			info site			info site (link to google ads)		junk search / link site				godaddy parked				godaddy parked				godaddy parked		info site (google ads)			godaddy parked				same as				same as				same as			under construction (wordpress site)			info site (google ads)			same as, forum			info site (google ads)			under construction			godaddy parked			godaddy parked			directory index / under construction			info site / onclose ads			unrelated info / ebay ads / amazon ads			godaddy parked			godaddy parked				same as			godaddy parked			same as		godaddy parked		junk site / parked		pharma ad, tamiflu UK (legit?)		info site (google ads)				parked/ads			info site (google ads)



Johannes B. Ullrich, Ph.D.
SANS Technology Institute     Follow johullrich on twitter

0 comment(s)
Diary Archives