| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 24 Sep 2003 23:40:23 +0200 From: jelmer <jkuperus@...net.nl> To: Brent Meshier <brent@...hier.com>, bugtraq@...ts.securityfocus.com Subject: Re: AIM Password theft That would be my ado thingie There's a temporary fix over at http://ip3e83566f.speed.planet.nl/hacked-by-chinese/5.htm --jelmer On Tuesday 23 September 2003 21:13, Brent Meshier wrote: > Mark, > The code you just sent looks familiar to a SPAM I received > attempting to hijack users' e-gold accounts. Out of curiosity I > followed that link which loaded start.html (attached). What worries me > is that I'm running IE 6.0.2800.1106 with all the latest patches from > Microsoft and this page (start.html) rewrote wmplayer.exe on my local > drive without notice. After closing the page, I found two .exe files on > my desktop (which loaded from http://doz.linux162.onway.net/eg/1.exe). > Is this a new unknown vulnerability? > > Brent Meshier > Global Transport Logistics, Inc. > http://www.gtlogistics.com/ > "Innovative Fulfillment Solutions" > > -----Original Message----- > From: Mark Coleman [mailto:markc@...ontown.com] > Sent: Tuesday, September 23, 2003 11:43 AM > To: bugtraq@...urityfocus.org > Subject: [Fwd: Re: AIM Password theft] > > Hi, can anyone shed some light on this for me? If this is new, its > going to spread like wildfire. AOL or incidents lists have yet to > reply.... it appears to be a legitimate threat as I have at least one > user "infected" already.. Thank you.. > > -Mark Coleman
Powered by blists - more mailing lists