Date: Fri Mar 31 19:34:00 2006
From: n3td3v at gmail.com (n3td3v)
Subject: RSA HAVE CRACKED PHISHING, NO SERIOUSLY

What you mean phishers don't know after every 50 attempts to login on the
same host address that you're revoked, and to write a script to ask your
100,000 botnet harvested firstly from the unpatched IE flaw a few days ago,
and then use that same 0-day to hack your bank info via fake BBC news
articles is such a difficult thing for a "dumb phisher" to carry out. Yes!
Dude, I was on Yahoo when they first locked out brute force login attacks
back in 2001, I think I'm comfortable with the technology by now.

On 3/31/06, Valdis.Kletnieks@...edu <Valdis.Kletnieks@...edu> wrote:
>
> On Fri, 31 Mar 2006 19:06:29 +0100, n3td3v said:
>
> > Check out this article, and I really did spill my hard earned Starbucks
> > right down my front when I looked at this article:
> >
> > http://news.com.com/5208-1029-0.html?forumID=1&threadID=15591&messageID=131433&start=-1
>
> Given that you allegedly posted that particular response, I take it you
> spilled your Starbucks in shock that somebody would claim to be you?
>
> The original article is at
> http://news.com.com/2100-1029-6056317.html?tag=tb
>
> In any case, it's clear that the person who posted that response has *no idea*
> how most banks' anti-fraud systems work.
>
> First off, the phishers *can't* just run through all the data they've gotten
> in just a few seconds, unless they distributed the work across a bunch of
> botnet zombies - hits for more than a few dozen different accounts from the
> same IP in the same timespan are suspicious at the very least.
>
> Secondly, the phishers can currently usually be sure that the victims have
> given them reasonably good data (unless the victim is a dweeb who can't enter
> their DoB or account number correctly).  On the other hand, if the phished
> data has been polluted by 90% bad data, then only 1 of 10 attempted
> transactions will succeed - and the fact that they're trying lots of
> different bad data will again hopefully trigger an alert.  If you only
> succeed every 10th time, and you get locked out after 3 attempts with
> different bad data, it's going to take you a lot longer to figure out which
> ones are good and which ones are bad....
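The two checks described in the quoted reply (many different accounts hit from one IP in the same timespan, and lockout after 3 attempts with different bad data), sketched as an added Python example that is not part of the original thread. The window length, the 24-account threshold, the event tuple layout and all sample events are assumptions constructed for illustration.

```python
from collections import defaultdict, deque

WINDOW_SECONDS = 60        # assumed timespan; the post gives no figure
MAX_ACCOUNTS_PER_IP = 24   # assumed value for "a few dozen"
MAX_BAD_ATTEMPTS = 3       # lockout after 3 attempts, as stated in the post


def analyze(events):
    """events: time-ordered (timestamp, ip, account, credential_digest, ok).
    Returns (suspicious_ips, locked_accounts)."""
    recent = defaultdict(deque)   # ip -> (ts, account) pairs inside the window
    bad = defaultdict(set)        # account -> distinct wrong credentials seen
    suspicious, locked = set(), set()
    for ts, ip, account, digest, ok in events:
        window = recent[ip]
        window.append((ts, account))
        while window and ts - window[0][0] > WINDOW_SECONDS:
            window.popleft()      # drop hits older than the window
        if len({a for _, a in window}) > MAX_ACCOUNTS_PER_IP:
            suspicious.add(ip)    # one source touching too many accounts
        if account in locked:
            continue              # a locked account stays locked
        if ok:
            bad[account].clear()  # successful login resets the counter
        else:
            bad[account].add(digest)   # repeats of one typo count once
            if len(bad[account]) >= MAX_BAD_ATTEMPTS:
                locked.add(account)
    return suspicious, locked


def sample_events():
    """Constructed events, not real logs. The first source replays phished
    data where only 1 in 10 records is good (the 90% pollution case)."""
    events = [(i, "192.0.2.10", f"acct{i:03d}", f"d{i}", i % 10 == 0)
              for i in range(30)]
    events += [(100 + i, "198.51.100.7", "acct900", f"guess{i}", False)
               for i in range(3)]
    events += [(200, "203.0.113.5", "acct901", "typo", False),
               (205, "203.0.113.5", "acct901", "typo", False),
               (210, "203.0.113.5", "acct901", "right", True)]
    return events


if __name__ == "__main__":
    print(analyze(sample_events()))
```

The per-IP check only catches a single source; the distributed case the reply mentions needs correlation across sources, which this example does not attempt.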