[Emerging-Sigs] New Zeus thing?
wkitty42 at windstream.net
Mon Sep 15 14:38:13 EDT 2014
On 9/15/2014 10:09 AM, Packet Hack wrote:
> HEAD / HTTP/1.1
> Host: tdsitmqawom
> Connection: keep-alive
> Content-Length: 0
> User-Agent: Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko)
> Chrome/37.0.2062.120 Safari/537.36
> Accept-Encoding: gzip,deflate
> Seeing this in conjunction with Zeus traffic.
without a FQDN, could this thing be attempting to connect over some sort of VPN
to other machines in the VPN? would this take the term "botnet" to a new level?
NOTE: No off-list assistance is given without prior approval.
Please *keep mailing list traffic on the list* unless
private contact is specifically requested and granted.
More information about the Emerging-sigs