ещё одни пидарасы
TO WHOM IT MAY CONCERN:
The security team of cyscon GmbH requests you to remove/review the following file from/on your servers. It has been marked as malicious by our Cyber Threat Detection System:
################################################## ######################
# begin logs
IP: 5.........
URL:
http://www....-rx.net/
Tested on: 2015-10-27 16:53:39 +0100
Result: CYSC.FRAUD.SITE.PHARMACY-18
# end logs
################################################## ######################
In order to protect our customers, we have blacklisted the above mentioned URL.
To solve the issue and to reset the blacklisting, we kindly ask you to follow these instructions:
1. Please check if your machine has been compromised and is now being used by intruders for malicious activities, or if a legitimate user is engaged in activity that is in violation of your terms of service agreement. Further details and advisories can be found here:
https://www.c-sirt.org/faq-section/
2. Review the above mentioned URL and remove the offending content. Have a look if we have found more malicious content on your domain:
https://www.c-sirt.org/en/incidents-...www....-rx.net
3. Is the incident already solved? Simply visit the following URL to trigger a rescan of your file:
https://www.c-sirt.org/incident/81d7...4b12cf9983c721
As soon as the problem has been addressed the displayed incident will disappear on our page. Should this not happen, our Cyber Threat Detection System is still detecting malicious content.
SECURITY ADVISORY: Please advise your customer or web developer, alongside any other parties that might have visited the compromised website recently, to visit
https://www.check-and-secure.com/, as it is likely that at least one of your PCs is infected with malware. Our online service offers you a free security audit of your PC as well as free tools to remove harmful software.
You have received this message because you are listed as the contact for the network (AS# AS59711). This message is intended for the person responsible for computer security of your site. If this is not the correct address, please forward this message to the appropriate party.
Please note: If more than one IP address at your site is involved, or malicious code/malware is detected in more than one file, you may/will receive more than one notification, each one with different content. Additionally you may find an X-ARF report attached to this document. This includes relevant details regarding automated complaint parsing. Learn more about X-ARF here:
http://www.x-arf.org/specification.html
We hope this important information regarding the security of your customers/clients content was useful for you. In case of further questions, or if you need any help in resolving this issue, please feel free to contact us at <
[email protected]>. We, the C-SIRT team of cyscon GmbH, will assist you in any questions regarding the incident
[CSIRT#20151027100] .
Thank you,
--
CYSCON-SIRT (Security Incident Reporting Team)
cyscon GmbH
Poststrasse 9 | DE-40213 Duesseldorf
http://www.cyscon.de
Registration Court: Duesseldorf, HRB 66749
Management Board: Thorsten Kraft, Thomas Wolf