[152357] in North American Network Operators' Group
Re: Operation Ghost Click
daemon@ATHENA.MIT.EDU (Kyle Creyts)
Thu Apr 26 17:58:11 2012
In-Reply-To: <10BFFB88-881B-4C13-A039-C6A83C5943B1@ukbroadband.com>
Date: Thu, 26 Apr 2012 17:57:36 -0400
From: Kyle Creyts <kyle.creyts@gmail.com>
To: Leigh Porter <leigh.porter@ukbroadband.com>
Cc: NANOG list <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
http://www.fbi.gov/news/stories/2011/november/malware_110911/DNS-changer-malware.pdf
On Apr 26, 2012 5:48 PM, "Leigh Porter" <leigh.porter@ukbroadband.com>
wrote:
>
> On 26 Apr 2012, at 22:47, "Andrew Latham" <lathama@gmail.com<mailto:
> lathama@gmail.com>> wrote:
>
> On Thu, Apr 26, 2012 at 5:38 PM, Jeroen van Aart <jeroen@mompl.net<mailto:
> jeroen@mompl.net>> wrote:
>
> Yes its a major problem for the users unknowingly infected. To them
> it will look like their Internet connection is down. Expect ISPs to
> field lots of support s
>
> Is there a list of these temporary servers so I can see what customers are
> using them (indicating infection) and head off a support call with some
> contact?
>
> --
> Leigh
>
>
> ______________________________________________________________________
> This email has been scanned by the Symantec Email Security.cloud service.
> For more information please visit http://www.symanteccloud.com
> ______________________________________________________________________
>
