Same old, same old story, again and again...
"They" operate badly developed, badly implemented "sites", full of well known vulns, but the issue, the "bad guy on set," is a tor relay...
-------- Original Message --------
Subject: [tor-relays] Keep smiling only - i dont expect any answer
Time (GMT): Apr 01 2015 14:02:00
From: cmar433@xxxxxxxxxx
To: tor-relays@xxxxxxxxxxxxxxxxxxxx
nice abuse :)
From: isac@xxxxxxxxxx
To: abuse@xxxxxxxxx
Date: 01.04.2015 08:42:07
Subject: [KF/ISAC] Warning! Unauthorized Access Trial!
Dear Network Manager :
I am a network security manager of Korea Financial Telecommunications and Clearings Institute(KFTC).
My job is to protect Korean financial organizations from illegal intrusion attacks.
We have received a report of unauthorized access trial originating from your site as shown below.
--------------------------------------------------------------------------------
Date/Time(GMT+9): 2015-04-01 12:47:46 ~ 2015-04-01 12:47:46
Source IP : 37.157.192.208
Destination IP : 59.11.68.197
Attack Type : FCKeditor_Vul
--------------------------------------------------------------------------------
We are seriously considering notifying these illegal attempts to the related authorities of both your and our countries and requesting proper legal actions.
So, please take appropriate measures to identify and stop the attacker. And, please inform us of the results. (isac@xxxxxxxxxx)
Thank you for your cooperation.
p.s. : If you are not the correct person to deal with this incident, please forward this to the proper person and inform us for future convenience.