lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <006701c38cbc$31e8b360$0100a8c0@p3600>
From: chows at ozemail.com.au (gregh)
Subject: Email Harvesting virus?

> ----- Original Message ----- 
> From: Joel R. Helgeson
> To: full-disclosure@...ts.netsys.com
> Sent: Tuesday, October 07, 2003 12:44 PM
> Subject: [Full-Disclosure] Email Harvesting virus?


> I came across an intersting event today. I haven't been able to research
it as much as I'd like, but I'd like to toss it out to the
> community just the same.

> A customers machine appears to be infected with some type of malware that
apparently harvests email addresses and puts them into > a file named '~'.
Just the tilde ~, no extention.  This file is created under the C:\Documents
and Settings\%username%\~.  I have
> attached a zipped copy of the file for refrence.


This happened a while ago in an MS update and it depends on a few things
where the tilde file ends up on your system. It is on desktop on most but in
My Documents, for example, on mine.

It is a WAB file or an email address book. Not a good idea sending that to a
list, BTW.

Greg.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ