Newly Listed IRS Scam and Zbot Domains

A new list of IRS Scam and Zbot domains was recently posted on malwareurl.com. These are interesting as the domain names are altered only slightly and end in .eu. There are a total of 28 domains and 20 unique IP addresses.

yoky1w.eu 79.117.171.75
mi11f1.eu 187.64.34.106
mi11fa.eu 187.64.34.106
mi11fd.eu 79.184.58.166
mi11fe.eu 187.64.34.106
mi11ff.eu 85.106.95.114
mi11fi.eu 194.54.48.50
mi11fp.eu 79.184.58.166
mi11fq.eu 79.186.68.243
mi11fr.eu 190.46.93.230
mi11fs.eu 188.124.232.92
mi11ft.eu 187.64.34.106
mi11fw.eu 190.46.93.230
mi11fy.eu 194.54.48.50
yoky1a.eu 79.109.163.252
yoky1c.eu 77.41.105.36
yoky1d.eu 89.74.19.174
yoky1e.eu 85.136.132.50
yoky1f.eu 77.255.108.52
yoky1g.eu 95.208.30.24
yoky1n.eu 85.137.227.84
yoky1r.eu 74.3.203.93
yoky1t.eu 74.3.203.93
yoky1v.eu 95.208.30.24
yoky1x.eu 85.136.132.50
yoky1y.eu 74.3.203.93
yoky1z.eu 74.3.203.93
xyg1qe.eu 59.93.83.148

Stay tuned for more info on the zbot trojan coming soon. This financial malware is one of the biggest threats with the worst detection rates out there...very dangerous!
 

Green Cloud Security

Web security and converged threats are among the biggest issues in network security. Green Cloud Security provides the latest information on these threats.

Follow us on Twitter and RSS!

twitter / greencloudsec



Term of Use

My Blog List

SANS ISC SecNewsFeed

Security Bloggers Network