El 01/09/12 02:00, David Haller escribió:
WTF? ONE specific IP in a virus? That resolves to a polish operated host in the Netherlands attached to a router in the Netherlands? (c.f. 'whois 212.7.208.65' and 'traceroute 212.7.208.65' and a whois on the second to last hop).
And _NOTHING_ about method of attack / propagation??? Via Flash / JS^WECMA Script / Java / browser-specific bugs, or whatever???
Fishy!
I'd stay wary and follow this a bit, watch CERT announcements etc., but it has a more than just a hint of a hoax / scareware ...
Looks like a pretty amateurish thing to use one IP address... but there is not enough information to make a judgment, however there is more than enough history on buggy plugins like flash or java to be at least cautious. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org