Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Received: from BYAPR05MB5815.namprd05.prod.outlook.com (2603:10b6:a03:c6::19)
- by BYAPR05MB4613.namprd05.prod.outlook.com with HTTPS; Fri, 15 Oct 2021
- 13:01:48 +0000
- Received: from BN6PR22CA0060.namprd22.prod.outlook.com (2603:10b6:404:ca::22)
- by BYAPR05MB5815.namprd05.prod.outlook.com (2603:10b6:a03:c6::19) with
- Microsoft SMTP Server (version=TLS1_2,
- cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4628.11; Fri, 15 Oct
- 2021 13:01:45 +0000
- Received: from BN8NAM04FT011.eop-NAM04.prod.protection.outlook.com
- (2603:10b6:404:ca:cafe::1d) by BN6PR22CA0060.outlook.office365.com
- (2603:10b6:404:ca::22) with Microsoft SMTP Server (version=TLS1_2,
- cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4608.14 via Frontend
- Transport; Fri, 15 Oct 2021 13:01:45 +0000
- Authentication-Results: spf=temperror (sender IP is 5.9.59.50)
- smtp.mailfrom=Ubuntu-2004-focal-64-minimal; REDACTED by Marty; dkim=none
- (message not signed) header.d=none;REDACTED by Marty; dmarc=none action=none
- header.from=Ubuntu-2004-focal-64-minimal;
- Received-SPF: TempError (protection.outlook.com: error in processing during
- lookup of Ubuntu-2004-focal-64-minimal: DNS Timeout)
- Received: from Ubuntu-2004-focal-64-minimal (5.9.59.50) by
- BN8NAM04FT011.mail.protection.outlook.com (10.13.161.109) with Microsoft SMTP
- Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
- 15.20.4608.15 via Frontend Transport; Fri, 15 Oct 2021 13:01:43 +0000
- Received: by Ubuntu-2004-focal-64-minimal (Postfix, from userid 110)
- id DF5906C27A9; Fri, 15 Oct 2021 15:07:06 +0200 (CEST)
- Received: by Ubuntu-2004-focal-64-minimal (Postfix, from userid 111)
- id 323946C1172; Fri, 15 Oct 2021 14:47:06 +0200 (CEST)
- Subject: Important Security Alert
- To: REDACTED by Marty
- X-Mailer: mail (GNU Mailutils 3.7)
- Message-Id: <20211015124706.323946C1172@Ubuntu-2004-focal-64-minimal>
- Date: Fri, 15 Oct 2021 14:47:06 +0200 (CEST)
- From: steasys@Ubuntu-2004-focal-64-minimal
- Return-Path: steasys@Ubuntu-2004-focal-64-minimal
- X-MS-Exchange-Organization-ExpirationStartTime: 15 Oct 2021 13:01:44.1040
- (UTC)
- X-MS-Exchange-Organization-ExpirationStartTimeReason: OriginalSubmit
- X-MS-Exchange-Organization-ExpirationInterval: 1:00:00:00.0000000
- X-MS-Exchange-Organization-ExpirationIntervalReason: OriginalSubmit
- X-MS-Exchange-Organization-Network-Message-Id:
- 8f960358-9f26-4e67-0b92-08d98fdbf041
- X-EOPAttributedMessage: 0
- X-EOPTenantAttributedMessage: 5a589c08-32c3-4d84-8cb2-48d77520a99b:0
- X-MS-Exchange-Organization-MessageDirectionality: Incoming
- X-MS-PublicTrafficType: Email
- MIME-Version: 1.0
- X-MS-Exchange-Organization-AuthSource:
- BN8NAM04FT011.eop-NAM04.prod.protection.outlook.com
- X-MS-Exchange-Organization-AuthAs: Anonymous
- X-MS-Office365-Filtering-Correlation-Id: 8f960358-9f26-4e67-0b92-08d98fdbf041
- X-MS-TrafficTypeDiagnostic: BYAPR05MB5815:
- X-MS-Oob-TLC-OOBClassifiers: OLM:6430;
- X-MS-Exchange-Organization-SCL: 5
- X-Forefront-Antispam-Report:
- CIP:5.9.59.50;CTRY:DE;LANG:en;SCL:5;SRV:;IPV:NLI;SFV:SPM;H:Ubuntu-2004-focal-64-minimal;PTR:static.50.59.9.5.clients.your-server.de;CAT:SPM;SFS:(9686003)(36906005)(4744005)(42882007)(22186003)(6916009)(3480700007)(450100002)(86362001)(42186006)(356005)(83380400001)(81166007)(6266002)(58800400005)(5660300002)(426003)(1096003)(63350400001)(1076003)(33656002)(8676002)(33716001)(2616005)(7116003)(26005)(2160300002)(336012)(1557600010);DIR:INB;
- X-Microsoft-Antispam: BCL:0;
- X-MS-Exchange-UnifiedGroup-DisplayName: REDACTED by Marty
- X-MS-Exchange-UnifiedGroup-Address: REDACTED by Marty
- X-MS-Exchange-UnifiedGroup-MailboxGuid: 3ca36a1c-ef48-4efd-a72f-e23edb1ed776
- X-Auto-Response-Suppress: DR, OOF, AutoReply
- X-MS-Exchange-CrossTenant-OriginalArrivalTime: 15 Oct 2021 13:01:43.9181
- (UTC)
- X-MS-Exchange-CrossTenant-Network-Message-Id: 8f960358-9f26-4e67-0b92-08d98fdbf041
- X-MS-Exchange-CrossTenant-Id: 5a589c08-32c3-4d84-8cb2-48d77520a99b
- X-MS-Exchange-CrossTenant-AuthSource:
- BN8NAM04FT011.eop-NAM04.prod.protection.outlook.com
- X-MS-Exchange-CrossTenant-AuthAs: Anonymous
- X-MS-Exchange-CrossTenant-FromEntityHeader: Internet
- X-MS-Exchange-Transport-CrossTenantHeadersStamped: BYAPR05MB5815
- X-MS-Exchange-Transport-EndToEndLatency: 00:00:04.9407463
- X-MS-Exchange-Processed-By-BccFoldering: 15.20.4608.015
- X-Microsoft-Antispam-Mailbox-Delivery:
- ucf:0;jmr:1;auth:0;dest:J;ENG:(910001)(944506458)(944626604)(750132)(520011016);
- X-Microsoft-Antispam-Message-Info:
- =?us-ascii?Q?POGHnTusQQqH3QreL1/aykrE1dh2VF1+XeUxVbH4i2uCDlB+NqCqyYCPbD92?=
- =?us-ascii?Q?y0bQUKYZkUCQgPd0u8yUmDhm/rELUryIoHj5HIFcmtnWjZIRNR7gnVE2Vsot?=
- =?us-ascii?Q?sPeQVzkSialIRB4qf3iHSSOMDWIMGMZ0VX5GiKGEFL9xTe926pFg/WgypNhD?=
- =?us-ascii?Q?30utRAD5AL63VxS+V38TUneDjH+965IYGyrwAI+b4wg25Gt1d61SUWillQpb?=
- =?us-ascii?Q?rhgeh3haDckrqFMX6K+s112RkKhFz/8pKCQ1BiAXbXB8/ttyDm56K9s+2ivj?=
- =?us-ascii?Q?K4weYTdHmaKpX0MWO3mmEdM3xyVN0zHQRrM+IWFK3VwWO9zDzXMAaClApvOv?=
- =?us-ascii?Q?9n3a9244p6oVwz1HeLsPZRhVNBDWnFgTdsaRf3Cp3MBtWKjg0GeSchw/Wqef?=
- =?us-ascii?Q?MdojRN0iZcwmnc3Yy7tAALYQwLllaXGVbRxXxmtTlZm7yhhPAeBP+jspzS5l?=
- =?us-ascii?Q?AJYmyrYZam6bLT3AZ4/3rXKTNiWm6l22AlfHVCvD+4QGPDI3QuKo7egNDvBz?=
- =?us-ascii?Q?nks+GnJ4KcgPfhWQb5w/IyTrgneD0D2QyoMnGCuHSrZSuaYiFBYSL2o5HHr3?=
- =?us-ascii?Q?nSJRFUX4uZWbs+jMe3HIzcj4u77o2RWMsfnBZciwHBgytGxXlLNXK9/CJ3+v?=
- =?us-ascii?Q?jan2lY/LUYvtuWTna4fu1i9GUs0/2d8c0L0wtAVykdxn8m6LDoQ09CpANoc7?=
- =?us-ascii?Q?/3v0VfM/mPW+C4fuBE3FRJG3otpicTgBow4J2J42iSoN2MA0FCBmTMpTaldd?=
- =?us-ascii?Q?Ni+C1CGSX9Ou5J64T+J9464x0agHEg0zrYvlvumtEaVe84qNdP4Htz5emECo?=
- =?us-ascii?Q?yqk/9DrECmIp2B1APHlz7GNbABgatdOGnwEDYk38YvdAUpfATIAsXIuHAHSk?=
- =?us-ascii?Q?9kFRpN3jfj+uJ5QfhUQBZ3bIfm0t2w4OpBIEUjdSknta8kUAjBN5UOykndPu?=
- =?us-ascii?Q?o0VYOyHmaWqwuweapkA4FNdHONddgLRuLpQLvbmgqCtmaJymb3EkWZUXW95E?=
- =?us-ascii?Q?6WBRV74VPFNCwWzedP/t/T/XGFp3aQ6MmF3c3OD5T7kC3f2xxZABTl7OGpXe?=
- =?us-ascii?Q?O7yntH2nCkEuOMVYywk1azRHhC+RJBQQLlTxiYkKbpoyZGHtvPmIfdrJ+wfb?=
- =?us-ascii?Q?SApnpqRRTHJXlIV4LPkjb+Go/npCsmA60OY8jouhMQObpF4s8mbgWLiBnAjd?=
- =?us-ascii?Q?7CzeOIDyLhN9swYma0Xu22BHKUJUxq1HkLQ+3ZT9Txb73HpBIUgjFv5vKClV?=
- =?us-ascii?Q?gz3sudxl61bHWbZqkqc1AaTiuMIHF5HNAOQ9FNOi/Xw0JpE/N7zuGDDWBv3O?=
- =?us-ascii?Q?+bldk3n/8jfLMRE6gPa4xGUJC/VM4DZqG9adOu4EywMCI1sDjlJh5OXf6s2j?=
- =?us-ascii?Q?bslw4AN/MsJ4NaxXXRy5Jr6pSGcLVF8pQpdbeEx3qORGNvfQmcsEeV1uq5WW?=
- =?us-ascii?Q?EeOOAh/yhywy5H75k00bAet89X0t8yWY7gu6aNoldiRrOW8Hks1svzVqTCGD?=
- =?us-ascii?Q?qGYVSVs3myqLO2q7GYY3LwQjbneLSJq+MDfIMKZxVuxXwEt/LbyuECjYIzEr?=
- =?us-ascii?Q?/BCoAOIOJ8eJlomGhL1vIAM+gr++HX46vqkDQcDlEe173KwE8h1Dnw82Ldo5?=
- =?us-ascii?Q?wIq005/x908pYRM6UEhjsvCK2cHXRy8k9iv2srg6Lg7KmWBrmSAUUfKVGUZ3?=
- =?us-ascii?Q?rc+ALmiYJkY3etkYI3ThWAvbc71a8XWRwRvl9gHCAV0xouImjti9NAxIhb0Y?=
- =?us-ascii?Q?/e5xsirQ8T/W3ualnzE3agbnqDtQkoj8OtWewWb/GuurYngSOysgt+MKwbUd?=
- =?us-ascii?Q?5P4NP0doDnvFN/Gu9Gdu9AHWLlLtvmt1jLP9rf3f4mpVC9jZDyAJES85P0dw?=
- =?us-ascii?Q?c3UI80FjYDbWFqip2Wlhe8kCCgAauibXwviDiXokmIu9MwUt84MptI/4rSoU?=
- =?us-ascii?Q?+ecUKX+uR07Bux8QGNJa1DjXIZkmrddRrDWCo4BkKKaz6Wb0SjN5pXJCFhZ1?=
- =?us-ascii?Q?3q5x4ultTN13R5z5T901TVG7BGeqTSttjlRSSeZB/C8+lmOwHPhqqOMZGVfV?=
- =?us-ascii?Q?JEe/WAKD5ZPX+BNfavx6B+gjCVhRdtsE3WdaFCIZUynCKvHl4efg+tmD9wy6?=
- =?us-ascii?Q?2Sq8sETTHmVJAP1+YCm+gfziKWvAfBFudJvaqd46SJ0S1gox7iGs3IyR5CRD?=
- =?us-ascii?Q?AK8E+Lrmeapjtuq3Drpa2I2p9LnrD+PDMnKwnjfWrWYQSn7v6upok0Xsm+t9?=
- =?us-ascii?Q?y1Laj2JPWp+oYBy7PMh519P7PNu9c+Pm61ehZuLrwg=3D=3D?=
- Content-type: text/plain;
- charset="UTF-8"
- Content-transfer-encoding: 7bit
- [EXTERNAL]
- Hello fellow ASN owner/IX operator,
- We (<https://lowendtalk.com> and <https://lowendspirit.com>), have hacked into your central routers, and are going to destroy all of your routes/BGP configuration within the next 10 minutes; we have your backups, too! We do not care about your company, etc., we are only interested in destroying it for the lulz. You can check for yourself in the SSH auth logs. Our IP is "159.196.14.47" :)
- If you would like this to not happen, please open a ticket on <https://support.lowendtalk.com>, and post your ASN within the next 5 minutes. As proof, we know that you are terrible with IPv6, and your central routers are Cisco/MikroTik.
- We are only interested in also supporting our sponsor, which is <https://www.buyvm.net>. They have a much better network than you do, anyway!
- Kind Regards,
- raindog308 (l33t bot operator), PieHasBeenEaten (elite hacker), and FAT32 (fat32@mail.com)
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement