This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/[email protected]/
[members-discuss] WARNING! attempts at delivering malware from this mailing list
- Previous message (by thread): [members-discuss] Legal compliance doubts
- Next message (by thread): [members-discuss] WARNING! attempts at delivering malware from this mailing list
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Andrzej Ława
andrzej.lawa at dawis-it.pl
Wed Mar 30 13:31:43 CEST 2022
As I was afraid Russian agents are trying to distribute malware using data from this mailing list (links to onedrive.com to download something). In last days I've received at least two spoofed e-mail pretending to be from this mailing list quoting my older posts in this mailing list - thus it has to be an attempt from someone who has access to this mailing list. The offending IPs are: 62.3.58.13 and 193.233.207.195 (originating mail IPs, both geolocated in Russian Federation) I say again: both spoofed e-mail were quoting my older mails on this mailing list and attempting to pretend to be responses to my inquiries (one "personal information" and one "you can pay here for your LIR membership"). Thus the perpetrator has to be a LIR, not just a user of those operators. What are the RIPE rules regarding LIRs trying to send other LIRs malware? -- Regards Andrzej Ława tel. 500 206 268 DAWIS IT Sp. z o.o., 05-800 Pruszków, ul. Staszica 1 NIP 5342409456 / REGON 141663620/ KRS 0000319237
- Previous message (by thread): [members-discuss] Legal compliance doubts
- Next message (by thread): [members-discuss] WARNING! attempts at delivering malware from this mailing list
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]