There is a server on the East coast that i belive is infected with a virus and is sending 100's of emails to my domain from my domain, with an attached virus (~60k).
The emails are addressed from: info, administrator, mail, etc (all @cj7jeep.com)
The emails are addressed to: matt, bob, etc. just random names (all @cj7jeep.com)
Each have an attached zip file: password, important-details, account-report, etc
Looks like the following virus:
http://www.trendmicro.com - WORM_MYTOB.HN
http://securityresponse.symantec.com - W32.Mytob.IM@mm
However, all emails have come from the IP address: 64.179.34.50
Should i try and contact the company and tell them one of their computers is infected? At the bottom i used networksolutions.com to lookup the contact information.
Any thoughts on what i should do would be great!
Thanks!
Luke
Lookup at NetworkSolutions.com shows:
OrgName: Choice One Communications Inc
OrgID: CHOC
Address: 100 Chestnut St.
City: Rochester
StateProv: NY
PostalCode: 14609
Country: US
NetRange: 64.179.0.0 - 64.179.127.255
CIDR: 64.179.0.0/17
NetName: CHOICE-ONE-COMMUNICATIONS
NetHandle: NET-64-179-0-0-1
Parent: NET-64-0-0-0-0
NetType: Direct Allocation
NameServer: NS1.CHOICEONE.NET
NameServer: NS2.CHOICEONE.NET
Comment:
RegDate: 2002-09-10
Updated: 2003-01-10
TechHandle: ZC141-ARIN
TechName: Choice One Communications
TechPhone: +1-716-853-1331
TechEmail: [email protected]