Oh goodie! A new tactic by the loser hackers! Although all our firewalls by default block IP’s located in the country of Mexico THAT’S NOT ENOUGH!
This hacker hacked a GMail account > then sent a PDF attachment with a “button” that had a link in it. That link takes you to a URL of: http://torresramos.com.mx/article/index.php
The loser hackers email looks like this:
If you click on the PDF which is harmless there’s a button in it that goes to the afore mentioned URL. The attached PDF looks like this:
Here are the Unified Hacking Layer networks we’re aware of for your blocking pleasure:
74.220.192.0/19 # Unified Layer
173.254.0.0/17 # Unified Layer
74.220.192.0/19 # Unified Layer
198.154.224.0/19 # Unified Layer
142.4.0.0/19 # Unified Layer
70.40.192.0/19 # Unified Layer
173.254.0.0/17 # Unified Layer
173.254.0.0/17 # UNIFIEDLAYER
74.220.192.0/19 # UNIFIEDLAYER
50.87.0.0/16 # UNIFIEDLAYER
We heart blocking Unified Layer. We prefer to block the entire network assuming it’s dirty and pin hole it as necessary.
Finally I emailed the domain holder that his website is hacked. I might text him too…we’ll see. I also contacted Unified Hacker Layer and let them know abuse {at} fastdomain.com (It’s actually changed to tos {at} fastdomain.com) with a nicely crafted email explaining how they in fact are a den of thieves and it’s time to bone up on security!
Update: That poor sucker (who might actually be the hacker) was shut down FINALLY!!!
Please support WhackersForHackers with a donation today: https://www.gofundme.com/29dqxfhw
Interested in our firewall product? Check it out! Free Hardware! http://firewallz.net