| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon Aug 15 17:07:30 2005 From: toddtowles at brookshires.com (Todd Towles) Subject: Virus Outbreak Attacking MS05-039 WIN2K I don't see a real reason for blocking them, other than to make you mad. They could have easily pointed them to phishing sites, instead of the loopback address. But the phishing sites would have been cut down very fast when hard coded in the worm itself. Once they have control of the box using the IRC, this little "feature" can be modified at any time however. ________________________________ From: full-disclosure-bounces@...ts.grok.org.uk [mailto:full-disclosure-bounces@...ts.grok.org.uk] On Behalf Of Andrew Smith Sent: Monday, August 15, 2005 10:27 AM To: Mike Cc: full-disclosure@...ts.grok.org.uk Subject: Re: [Full-disclosure] Virus Outbreak Attacking MS05-039 WIN2K Can anyone explain why this virus chooses to block ebay, amazon and paypal? This seems foolish if the intention is to remain on the compromised host un-noticed. -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20050815/0c57076b/attachment.html
Powered by blists - more mailing lists