Never trust an AS whose abuse-mailbox is using a Gmail account (piotrek89@gmail.com), and in particular one that you’ve come across during several malware campaigns over the past couple of months. It’s AS6851, BKCNET “SIA” IZZI I’m referring to, also known as Sagade Ltd.
Let’s dissect the currently ongoing malicious activity at that Latvian-based AS, expose the exploit/malware/crimeware/

View full post on Dancho Danchev’s Blog – Mind Streams of Information Security Knowledge
Posted on 15 July 2010. Tags: AS6851, BKCNET, Courtesy, Exploits, Ltd., Malware, Sagade, Sagade Ltd, Scareware