eruption.mu denial

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]

From: Ish Sookun <ish_at_hacklog.in>
Date: Tue, 09 Jun 2015 21:07:39 +0400

Dear Sir/Madam,

I notice you have published an announcement[1] on your website denying
that your website was ever compromised. You referred an article
published by lexpress.mu[2].

I would like to bring to your attention that on 10 May 2015 the
following subdomains under eruption.mu were compromised:

- erp.eruption.mu
- film.eruption.mu

The initial report came from S. Moonesamy on the Mauritius Internet
Users mailing list[3].

I verified the same, confirmed and added CERT-MU in the loop.

At the moment of writing your subdomain erp.eruption.mu still points to
5.196.20.145 with no web content while film.eruption.mu has no DNS record.

[1] http://www.elandsys.com/~sm/www-eruption-mu-announce20150608.png
[2]
http://www.lexpress.mu/article/263693/cinq-sites-internet-pirates-groupes-terroristes
[3]
http://lists.elandnews.com/archive/mauritius/internet-users/2015/05/1445.html

Regards,

-- 
Ish Sookun
- Geek by birth, Linux by choice.
- I blog at HACKLOG.in.
https://twitter.com/IshSookun ^^ Do you tweet?

Received on Tue Jun 09 2015 - 17:08:00 PST

This archive was generated by hypermail 2.3.0 : Tue Jun 09 2015 - 17:09:01 PST