jim.mcquaid at gmail.com
Mon Jan 12 06:56:25 EST 2009
In the past, blink.com was responsible for desktop pop up ads, and an
Internet Explorer toolbar that delivered ads.
> From: Russell Fulton <r.fulton at auckland.ac.nz>
> Subject: [Emerging-Sigs] ET TROJAN Blink.com related Backdoor Checkin
> To: Emerging Threats Signatures <emerging-sigs at emergingthreats.net>
> Message-ID: <D9FE37F4-B9AE-4E2C-A57C-E812F8B76799 at auckland.ac.nz>
> Content-Type: text/plain; charset="us-ascii"
> I have a few machines triggering this rule and I am trying to find out
> just what sort of threat this is. It would seem that Blink.com is
> some sort of "enhanced web search" facility but I can't find any thing
> that indicates that there are any threats related to it.
> No references in the sig either...
> Here is what I'm seeing:
> GET /?vn=65562&partner=seekeen&ptag=SeeFreez&cid=55788f374f1
> am=0&pver=1&retries=0 HTTP/1.0..User-Agent: Mozilla/4.0 (com
> patible; MSIE 7.0; Windows NT 6.0)..Host: upgrade.seekeen.co
> m..Pragma: no-cache....
More information about the Emerging-sigs