[Emerging-Sigs] ET TROJAN Blink.com related Backdoor Checkin
r.fulton at auckland.ac.nz
Sun Jan 11 21:50:31 EST 2009
I have a few machines triggering this rule and I am trying to find out
just what sort of threat this is. It would seem that Blink.com is
some sort of "enhanced web search" facility but I can't find any thing
that indicates that there are any threats related to it.
No references in the sig either...
Here is what I'm seeing:
am=0&pver=1&retries=0 HTTP/1.0..User-Agent: Mozilla/4.0 (com
patible; MSIE 7.0; Windows NT 6.0)..Host: upgrade.seekeen.co
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 4125 bytes
Desc: not available
Url : http://lists.emergingthreats.net/pipermail/emerging-sigs/attachments/20090112/07b769ef/smime.bin
More information about the Emerging-sigs