An abusive behaviour (Malware) originating from your IP ip-220.127.116.11/28 has been reported to or noticed by our Abuse Team.
Technical details showing the aforementioned problem follow :
— start of the technical details —
We are contacting you from Telefónica Cybersecurity & Cloud Tech. We manage different types of cybersecurity incidents against PAMESA
PAMESA’s security team has detected multiple failed attempts to access its corporate VPN, from various IPs worldwide, which appear to be part of a botnet. This apparent botnet is being used to perform brute force attacks, allowing malicious actors to break into our client’s private network.
So far, the following IP addresses related to your network have been identified.
Attached you can find a log file extracted by PAMESA, which includes all identified IP addresses, as well as connection details.
We need your help to take any possible measures to stop this malicious activity from the reported IPs. It would be extremely helpful if you could keep us posted with any progress.
We will be waiting for your comments on this incident. If you need more information, or any other proof, please contact our SOC 24/7 at +34 900 102 230 (option 9), or reply to this email.
Digital Risk Protection | Anti-Fraud Service
Telefónica Cybersecurity & Cloud Tech
Ronda de la Comunicación s/n, Madrid, Spain (GMT +1)
Telf.: +34 900102230 (option 7)
Correo.:firstname.lastname@example.org | email@example.com<mailto:firstname.lastname@example.org%20%7Cemail@example.com>
AI of Things<https://iot.telefonica.com/>
— end of the technical details —
Your should investigate and fix this problem, as it constitutes a violation to our terms of service.
Please answer to this e-mail indicating which measures you’ve taken to stop the abusive behaviour.
The OVHcloud Trust & Safety team.