The strange case of the inte1sat domain name - Security Labs: "Using the registration information, we found a paper authored by Command Five that indicates that the contact has been registering domains involved in APT and corporate cyber espionage attacks. The entire document is available here: http://www.commandfive.com/papers/C5_APT_SKHack.pdf We cannot confirm that there is a problem in the Google OCR PDF caching mechanism that results in instances of "inte1sat.com" showing up in search results, particularly those of papers hosted by the FCC. We can conjecture that if there is a flaw, it is being exploited via a typo squatting technique to deliver an exploit. Continuing our search, we discovered additional strong evidence. Going back to the beginning of the analysis, it turns out that the IP address 174.139.91.163, where "inte1sat.com" is hosted, also hosts many other domains. Four especially attracted our interest. Specifically: . . . "
Follow @zqure
No comments:
Post a Comment