The cyber attack was made on Wednesday afternoon news NU.nl, is very likely a specific action from Russia. Published Friday that an analysis of Fox IT security on his blog.
Wednesday nu.nl has spread malewre malware has spread to its users. Scurity analysis discovered this after infection with customers and began an investigation.
A botnet virus infected the network and exploit kit and the installed Trojans,
The IP addresses used for these exploit kits were 220.127.116.11, 18.104.22.168, 22.214.171.124 and 126.96.36.199 which were hosted in The Netherlands at serverboost.nl, and not in India as indicated by other publications. We provided the domains and the IP addresses to Spamhaus and also contacted serverboost.nl directly.wroted bloger
The track is followed by the intelligence departmen leads now to a Russian criminal underground forums which operates under the name Piupiupo.
The file was simple and for us only interesting to see where it would redirect clients, which was interesting as it redirected systems specifically with Windows Vista/7/8 to a separate location in the Nuclear Pack exploit kit.Bloger