|
|
|
|
|
So for the last few days Trend Micros Japanese based Server Cluster has been attempting to gain access to the FurrTrax Server.
I first thought this was some form of search bot malfunctioning or some simular BS, but then my Security System began issuing me about 70 alerts a day about them attempting to get access to the FurrTrax Chat logs.
Believe me i am dumbfounded as many of you may be as to why they want the chat logs, why they are attempting to view them without having ever asked. And what business they could possibly have with said logs in the first place. But more importantly, how they knew which file to attempt to download, since its in a protected and un-indexable folder. Tho i suspect perhaps they too wanted to snag a quick users list to use for spamming and selling their Shitty Anti-Virus Software to.
Or perhaps they wanted to study the furrtrax chatroom to inject messages into it in the form of advertisements....
Honestly i only know what they went after, not why they wanted it.
I dont like when people attempt to take advantage of my things, and i like it even less when they try to do so blatantly with complete disregard.
The attempts came from about 15 different IPs all within the range owned by Trend Micro and used for their Japan Based datacenter.
All IPs began with 150.70.xxx.xxx and included the following:
150.70.172.203, 150.70.97.120, 150.70.75.31, 150.70.64.212, 150.70.172.208, 150.70.97.42, 150.70.75.212.
Additionally, there was another IP that performed the same exact attack, but lies in a different subnet. This IP predated the 150.70 subnets attempts, therefore it is my theory this next IP may be on the command and control level at Trend Micro, however that is un-confirmed. At the very least there is a connection between Trend, and this person/location, 62.24.181.134, 62.24.181.135
UPDATE
I Talked on the phone today with upper level Trend Micro Support after having to resort to threatening legal action and they CONFIRMED that it was their servers that instigated the attack and that the listed ips in the 150.70 range belong to their Japanese operations center. However they claim no knowledge of the other two ips and no knowledge of why their servers attacked the furrtrax server. I am not sure i believe them since it took over an hour for them to admit to owning the listed ips.
Comments:
|
|
|
|
|
|
|
|
