lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <5.1.1.6.2.20021108131724.02d66ce0@mail-dnh.mv.net>
From: brian at pc-radio.com (Brian McWilliams)
Subject: Kaspersky blames "massive attack"

See below.

Not to beat a dead horse, but this doesn't explain why the Kaspersky list 
server was forwarding bounce messages from list members to everyone on the 
Virus News list. (E.g. see sample at the very bottom of this note.)

B.

+++

http://www.kaspersky.com/news.html?chapter=20140

Beware of fakes!   [11/08/2002]

Kaspersky Labs reports an attempt to hack its Web server

Kaspersky Labs informs users that on the night the November 7th there was a 
massive attack against the company's Web server. The attack resulted in a 
group of hackers sending the subscribers of the Kaspersky Labs e-mail 
newsletter a message containing the recently discovered "Bridex" worm.

The infected messages have the following appearance:

[snip]

  +++

Delivered-To: list-15@...server2.kaspersky-labs.com
Received: from messagerie.multiphone.fr (messagerie.multiphone.fr 
[194.206.157.135])
	by webserver2.kaspersky-labs.com (Postfix) with ESMTP id AF9F520B8C
	for <list-15@...server2.kaspersky-labs.com>; Fri,  8 Nov 2002 02:40:37 
+0300 (MSK)
Received: by MESSAGERIE with Internet Mail Service (5.5.2650.21)
	id <WMJKSYLR>; Fri, 8 Nov 2002 00:40:41 +0100
Message-ID: <1149797CEC6ED6119C8D00600872D6F606382A@...SAGERIE>
From: "[MESSAGERIE] Panda Antivirus for Exchange Server" 
<MESSAGERIEPandaAntivirusforExchangeServer@...tiphone.fr>
To: "'list-15@...server2.kaspersky-labs.com'" 
<list-15@...server2.kaspersky-labs.com>
Subject: Incident de virus
Date: Fri, 8 Nov 2002 00:40:40 +0100
MIME-Version: 1.0
X-Mailer: Internet Mail Service (5.5.2650.21)
Content-Type: text/plain;
	charset="iso-8859-1"

Panda Antivirus a d?tect? les virus suivants dans le message:
	Server :	MESSAGERIE

	Envoy? par :	
	Adresse :	MAILER-DAEMON@...mail.asdc.kz
	A :	list-15@...server2.kaspersky-labs.com
	Objet :	Returned mail: see transcript for details
	Date :	08/11/2002  01:40

VIRUS DETECTE

Fichier :  ~000003.txt
	   Virus :	Exploit/iFrame - D?sinfect?
Fichier :  README.EXE
	   Virus :	W32/Bride - D?sinfect?

http://www.pandasoftware.com

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ