[tor-relays] Fwd: US-CERT Avalanche Notification INC000010

Monkey Pet monkeypet at gmail.com
Tue Jan 24 01:57:42 UTC 2017


I received the following email from my ISP; the IP belongs to the Tor exit
node. I am wondering if the DHS is sending it out to all Tor exit nodes?

We received a notice from Homeland Security that a device using your
current IP address is infected with the Avalanche Malware.  The full details are
below.  Please run antivirus and network security software on all your
devices immediately.


Thank you,

ISP


A trusted third party notified the Department of Homeland Security United
States National Cybersecurity & Communications Integration Center (NCCIC)
that one or more machines on your network was infected with malware
associated with the Avalanche botnet infrastructure during December 2016.
Avalanche is a large global network hosting infrastructure used by cyber
criminals to conduct phishing and malware distribution campaigns and money
mule schemes.
A system infected with Avalanche associated malware may be subject to
malicious activity including the theft of user credentials and other
sensitive data, such as banking and credit card information. Some of the
malware has the capability to encrypt user files and demand a ransom be
paid by the victim to regain access to those files. In addition, the
malware may allow criminals unauthorized remote access to the infected
computer. Infected systems could be used to conduct distributed
denial-of-service (DDoS) attacks.  For additional information, please see
the following US-CERT Technical Alert (TA16-336A):
https://www.us-cert.gov/ncas/alerts/TA16-336A