Additional detail on the latest Java Exploit, including (one of) the IP address(es) of the C&C server(s)

Symantec has done a very good job of putting together a quick, easy-to-follow write-up on this latest Java vulnerability, including disclosing the IP of at least one of the C&C servers (below). For the impatient, the IP listed is  I did a quick whois on it (details below) and it’s part of the network and is registered to CHINADEDICATED-HK (a Chinese company, big surprise there). At this time, unless you have a specific need to communicate with hosts in this network range, we are recommending users block all traffic to / from the entire netblock (I suspect that the C&C is not limited or will not stay limited to this single IP, but that may be me being paranoid).

Article ->

Whois info:
% Whois data copyright terms
inetnum: –

netname:        CHINADEDICATED-HK
descr:          Room B, 8/F Wing Cheung Ind Building
country:        HK
admin-c:        CDCn1-AP
tech-c:         CDCn1-AP
status:         ALLOCATED PORTABLE
remarks:        Used for service-hosting
mnt-by:         APNIC-HM
remarks:        -+-+-+-+-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-+-+-+
remarks:        This object can only be updated by APNIC hostmasters.
remarks:        To update this object, please contact APNIC
remarks:        hostmasters and include your organisation’s account
remarks:        name in the subject line.
remarks:        -+-+-+-+-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-+-+-+
changed: 20090507
source:         APNIC
role:           CHINA DEDICATED COMPANY – network administrator
address:        Room B, 8/F, Wing Cheung Ind Building, No. 109, How Ming Street, Kwun Tong
country:        HK
phone:          +85268554675
admin-c:        CDCn1-AP
tech-c:         CDCn1-AP
nic-hdl:        CDCn1-AP
changed: 20090507
source:         APNIC
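
An added example, not from the original post or from Symantec's write-up: turning a whois inetnum range into the CIDR blocks a firewall rule needs, then checking connection logs for hosts that have already talked to that range. The whois excerpt and log lines are constructed placeholders using RFC 5737 documentation addresses, and the log format and function names are assumptions.

```python
import ipaddress
import re

# Constructed whois excerpt: an RFC 5737 documentation range used as a
# placeholder, NOT the netblock discussed in the article.
SAMPLE_WHOIS = """\
inetnum:        198.51.100.0 - 198.51.100.191
netname:        EXAMPLE-NET
"""

# Constructed connection log, assumed format "<timestamp> <src> -> <dst>:<port>".
SAMPLE_LOG = """\
2000-01-01T09:14:02Z 10.0.0.23 -> 198.51.100.77:80
2000-01-01T09:14:05Z 10.0.0.23 -> 192.0.2.10:443
2000-01-01T09:15:40Z 198.51.100.190 -> 10.0.0.41:49152
2000-01-01T09:16:11Z 10.0.0.8 -> 198.51.100.200:80
"""
LOG_RE = re.compile(r"^(\S+) (\S+) -> (\S+):(\d+)$")

def whois_to_cidrs(whois_text):
    """Turn the whois 'inetnum: first - last' line into a minimal CIDR list."""
    m = re.search(r"^inetnum:\s*(\S+)\s*[-\u2013]\s*(\S+)\s*$", whois_text, re.M)
    if not m:
        raise ValueError("no usable inetnum range in whois text")
    first, last = (ipaddress.ip_address(x) for x in m.groups())
    return list(ipaddress.summarize_address_range(first, last))

def find_hits(log_text, networks):
    """Return (timestamp, src, dst) for lines where either end is in a blocked net."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line.strip())
        if not m:
            continue  # not in the assumed log format
        ts, src, dst, _port = m.groups()
        try:
            ends = [ipaddress.ip_address(src), ipaddress.ip_address(dst)]
        except ValueError:
            continue  # malformed address field
        if any(ip in net for ip in ends for net in networks):
            hits.append((ts, src, dst))
    return hits

if __name__ == "__main__":
    nets = whois_to_cidrs(SAMPLE_WHOIS)
    print("block:", ", ".join(str(n) for n in nets))
    print("hits:", find_hits(SAMPLE_LOG, nets))
```

A range that is not aligned to a single prefix, as in the placeholder here, expands to several CIDR blocks, and all of them need a rule in both directions.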