23 Mar
2006
23 Mar
'06
11:35 a.m.
2006/3/23, Steve Atkins <steve@blighty.com>:
[snip]
target[0]="http://weerona.com/ph/order.php?%rand%" target[1]="http://fabutons.info/aw/001/?%rand%" target[2]="http://movi96.dayaugusta.com/aspx/search.asp?t=%rand%" target[3]="http://www.fakeidonline.com/store.php?%rand%" target[4]="http://ccebak.bestti.info/p/?%rand%" target[5]="http://www.zpgo.net/pweb7/texpo/?%rand%" target[6]="http://www.tex-win.com/productshow.asp?id=1808&%rand%=% rand%" target[7]="http://7eklp9g3.tagsully.net/p/?%rand%&zz=lowcost"
Which of these is your website? none, they change A records of these rogue domains as they see fit to spread the attack among more victims.