While finding malware on your network is always an unwelcome surprise, this week’s top 10 blocks from D-Zone DNS Firewall are not really surprising at all.
While finding malware on your network is always an unwelcome surprise, this week’s top 10 blocks from D-Zone DNS Firewall are not really surprising at all.
We continue to see the Mirai botnet on wowrack.com name servers lead the list by query count. A Google search indicates that wowrack is a managed server hosting and cloud provider and seeing this type of issue on an ns address is not something we would expect to persist.
Rounding out the top 10 we see a similar number of malware call home attempts as we see in most weeks, the continuing threat from Palevo, plus a return of jRAT, or Java Based Remote Access Trojans. These are particularly problematic as they are constantly evolving and run in a browser and can execute a malware payload download.
And finally, a new entrant is a WPAD proxy hijack that can expose users online accounts through man-in-the-middle style attacks.
|
Domain Name |
Category |
Threat Type |
|
ns6.wowrack.com |
BLOCK |
Mirai |
|
ns5.wowrack.com |
BLOCK |
Mirai |
|
superyou.zapto.org |
BLOCK |
Spybot |
|
pixeldgarui.xyz |
BLOCK |
Malware Call Home |
|
zws12.com |
BLOCK |
Malware Call Home |
|
redwassheptal.com |
BLOCK |
Malware Call Home |
|
wpad.domain.name |
BLOCK |
WPAD proxy hijack |
|
doingtracks.duckdns.org |
BLOCK |
jRAT |
|
sandra.prichaonica.com |
BLOCK |
Palevo |
|
l33t.brand-clothes.net |
BLOCK |
Palevo |
Rob a acquis plus de 20 ans d’expérience de la rédaction, de la présentation et du blogage à l’intention de l’industrie des technologies. Il aborde des thèmes aussi variés que les outils de développement de logiciels, l’ingénierie inverse de Silicon, la cybersécurité et le DNS. De fait, Rob est un spécialiste du marketing passionné qui s’adresse aux professionnelles et aux professionnels des TI en leur donnant les renseignements et les précisions dont ils ont besoin pour s’acquitter de leurs tâches.
