| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 26 Nov 2009 03:59:41 -0600 From: David Alanis <canito@...an.us> To: full-disclosure@...ts.grok.org.uk Cc: funsec <funsec@...uxbox.org> Subject: Re: [funsec] nasty infection from following link if anyone is interested Dragos Ruiu wrote: > Haha, and then you included his clickable link in your message > inclusion. > Tsk, Tsk. <chuckle> > > cheers, > --dr > > On 25-Nov-09, at 12:16 PM, Juha-Matti Laurio wrote: > > >> Your modifications doesn't prevent your link to be clickable in all >> mail clients. >> Please use methods >> http : // and/or >> archive1329101302 , heddasq >> >> next time... >> >> Juha-Matti >> >> RandallM [randallm@...mail.com] kirjoitti: >> >>> one of my sales people fell for a "someone posted a picture of you" >>> emails. >>> >>> Got a real nasty that came with, according to malwarebytes, >>> "Pawnd.bot >>> and Backdoor.bot". >>> Havent checked it out yet but thought I would share it. >>> >>> >>> The link is this: >>> (REMOVETHISFIRST http: // archive1329101302 , heddasq,eu/photo- >>> hosting/) >>> >>> -- >>> been great, thanks >>> a.k.a System >>> >> _______________________________________________ >> Full-Disclosure - We believe in it. >> Charter: http://lists.grok.org.uk/full-disclosure-charter.html >> Hosted and sponsored by Secunia - http://secunia.com/ >> > > -- > World Security Pros. Cutting Edge Training, Tools, and Techniques > Vancouver, Canada March 22-26 http://cansecwest.com > Amsterdam, Netherlands June 16/17 http://eusecwest.com > pgpkey http://dragos.com/ kyxpgp > > > > > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > > > I don't understand what is so funny about that or where you find the humor in knowing some less intuitive user at your company can cause a lot of damage to your network!?!?! Randall is simply sharing the information he's gathered. Here is the one message I received from an offshore colleague through my facebook account. Note that since I no longer have a facebook (mostly cause its a security risk) account and I suggested they follow some type of incident management plan with her machine. -------------------- Hey, some jerk has posted your pictures (u understand what kind of pictures are there) and sent a link of them to all ur friends. I have already replied back. Said, that he is an indiot. See the link: http://ehuvinuru.digitalzones.com/fozogaly.html Take care........ -------------------- That link took me to some server out in Brazil and it wanted me to install some type of flash player... I didn't really have the time to look into it just to see what it would do and where it would take me so if this is your cup of tea, have at it. Cheers, SDA _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists