昨天收到Netcraft Takedown Service的两封安全提示邮件,机器应该可能是被黑了
- Hello,
We have discovered a phishing attack on your network.
hxxps://*****.**/about.php [140.238.*.*]hxxps://*****.**/session [140.238.*.*]hxxps://*****.**/login?return_to=https%3A%2F%2Fgithub.com%2Fabout.php [140.238.*.*]hxxp://*****.**/ [140.238.*.*]hxxps://*****.**/ [140.238.*.*]
We previously contacted you about this issue on 2022-08-10 03:32:11 (UTC).
Since our last notification, the following additional URL(s) have been detected:
hxxp://*****.**/
hxxps://*****.**/about.php
hxxps://*****.**/login?return_to=https%3A%2F%2Fgithub.com%2Fabout.php
hxxps://*****.**/session
You may not have been aware of this attack, however, you are still responsible for removing it.
This attack targets our customer, GitHub, website URL https://github.com/.
Please remove this fraudulent content, and any other associated fraudulent content, as soon as possible.
Additionally, please keep the fraudulent content safe so that our customer and law enforcement agencies can investigate this incident further once the site is offline.
More information about the detected issue is provided at https://incident.netcraft.com/e6bee1634826/
Kind regards,
Netcraft
Phone: +44(0)1225 447500
Fax: +44(0)1225 448600
Netcraft Issue Number: 34779823
To contact us about updates regarding this attack, please respond to this email. Please note: replies to this address will be logged, but aren't always read. If you believe you have received this email in error, or you require further support, please contact: takedown@netcraft.com.
This mail can be parsed with x-arf tools. Visit http://www.xarf.org/ for more information about x-arf.
半夜收到探针告警,三台机器全部离线,刚刚登录一下后台,结果提示
your account has been disabled due to either tenant/user disable operation.
热议
推荐楼 VPS小白白 1小时前
你用过什么脚本?
2楼 提莫 8小时前
节哀,一顿火锅没了
3楼 hchen 8小时前
最近开始对元老级别的乌龟下手了吗?看到好几个很老的龟就这么没了。
4楼 gg96969696 7小时前
看来我这也没必要去注册这个玩意了
5楼 brucex 7小时前
这个邮件看起来是账号 被盗或者被找回了。
6楼 脱氧核糖核酸 7小时前
还不如卖给我
7楼 f10 7小时前
密钥登录还能被黑啊,用的脚本代码有问题吧。
8楼 mehui 6小时前
brucex 发表于 2022-8-11 08:51
这个邮件看起来是账号 被盗或者被找回了。
我自己注册的,何来找回。而且密码足够复杂,我自己都记不住
10楼 cdmumu 1小时前
这个邮件看起来是账号 被盗或者被找回了。
甲骨文删号,我也一个最早一批 首尔上月被删号
吃灰机 一台机器安装了一个宝塔
一个人在用,每天几M数据
所以那些买老号的注意了
12楼 初级管理员 1小时前
这是反代了github?
13楼 acpp 1小时前
甲骨文删号,我也一个最早一批 首尔上月被删号
吃灰机 一台机器安装了一个宝塔
一个人在用,每天几M数 ...
可能本来没事,会不会是因为安装宝塔关系。
14楼 programer 半小时前
40天号,瑟瑟发抖中
15楼 emptysuns 半小时前
你这是有攻击的行为啊,不是给你理由了吗,你在打github估计被种马当肉鸡了吧
16楼 onji 17分钟前
我的一百多天首尔也没了
申明:本文内容由网友收集分享,仅供学习参考使用。如文中内容侵犯到您的利益,请在文章下方留言,本站会第一时间进行处理。