б^H tries to connect to the internet

Today I have found a bunch of interesting entries in my firewall log. Apparently an application named б^H was trying to access the internet at various times. Now, I don’t know about you – but if I see a weird string like that I get suspicious. So I started digging.

From the logs I figured that this thing was trying to do DNS lookups (all the hits were aiming at port 53 on the remote hosts). This is not unusual – any piece of malware could be doing this… But, since my anti-virus and spybot scans that ran just this morning did not find anything, I started looking for legit apps that could generate port 53 traffic.

I spotted my DynDNS Updater icon in the taskbar which was red (to indicate failure to update). I did a few quick tests, enabling and disabling the rule for my mysterious application and I got it. It was the damn DynDNS updater!

Question is, why the hell does it show up in my logs as б^H? Why haven’t I noticed this before? And what the hell were they thinking?

