lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Thu, 16 Aug 2012 11:27:33 +0100
From: Jacqui Caren <jacqui.caren@...world.com>
To: full-disclosure@...ts.grok.org.uk
Subject: Re: Associate professor from Pakistan National
 University - spammer

On 16/08/2012 07:04, Tonu Samuel wrote:
>
> There is a gaming site meyraj.com <http://meyraj.com>, registered to this professor name. Not company, not someone else but he personally runs it.

Its just another godaddy registration - you can use any old crap to register a domain with GD.

> There is a Facebook wall https://www.facebook.com/fahim.arif.9 where we can see posts advertising same site for two years. Look on all details of this account.
> There are 175688 tweets on http://twitter.com/Meyraj about this gaming site
> There are spams over half year in OpenCV lists under his name and Software Engineer related to computer vision does not notice it.

Agreed!

My assumption was the professor had been hacked by a student (perhaps he left his desktop open and a waiting
grad student did a tools-options-security->view passwords in his open browser). Not exactly "leet" but...

This ties in well with the gaming site and the rather clueless txtspeak. I somehow doubt that a resident (published)
professor would write in that style.

My advice would be to report the abuse to the uni and drop the matter. They may have not responded bacause they
are in the process of prosecuting the little trog responsible or he just wants to hide the fact that he has been
hacked from other staff :-)

IMHO Give the guy the benefit of the doubt - but it does not hurt to block all incoming traffic for the uni
and report any ads instigated from dialups to the appropriate ISP pointing out thet link to the assumed hacked
account of said professor.


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ