NASK (the Polish domain registry) has taken over a number of domain names used in spreading viruses and infections.
The domain names were used to spread and control dangerous malware known as “Virut” . NASK’s actions are aimed at protecting Internet users from threats that involved the botnet built with Virut-infected machines, such as DDoS attacks, spam and data theft. The scale of the phenomenon was massive: in 2012 for Poland alone, over 890 thousand unique IP addresses were reported to be infected by Virut.
[…] Name servers for those domains were changed to sinkhole.cert.pl, controlled by CERT Polska – an incident response team operated by NASK. NASK’s actions were supported by threat intelligence data from CERT Polska, VirusTotal and Spamhaus. CERT Polska
RSS - Posts