lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <404E03A6.9010707@nbnet.nb.ca> From: smenard at nbnet.nb.ca (Steve Menard) Subject: Has anyone seen this in their e-mail Steve Menard wrote: >> >> > I Suspect that it is a targetted long term attack > against higher targets > see the one below from march 3,2004 > > I saw this one the other day > I thought the guys I hosted with wrote better english > Suspicious fromthe start > >From - Wed Mar 3 08:48:00 2004 >X-UIDL: &jJ"!-ek"!S[/"!8>c!! >X-Mozilla-Status: 1001 >X-Mozilla-Status2: 10000000 >Return-Path: <lisa4@....rr.com> >Received: from techsp05 ([203.177.127.113]) > by changed.not (8.10.2/8.9.3) with SMTP id i23CZqe08455 > for <me@...omain>; Wed, 3 Mar 2004 08:35:53 -0400 >Date: Wed, 03 Mar 2004 20:43:45 +0800 >To: me@...omain >Subject: Notify about using the e-mail account. >From: noreply@...omain >Message-ID: <ocsgoycxukouajqfnbr@...omain> >MIME-Version: 1.0 >Content-Type: multipart/mixed; > boundary="--------iwmrgskpbqjqjvtotrwg" >X-UIDL: &jJ"!-ek"!S[/"!8>c!! > >----------iwmrgskpbqjqjvtotrwg >Content-Type: text/plain; charset="us-ascii" >Content-Transfer-Encoding: 7bit > >Dear user of e-mail server "mydomain.xx", > >Our main mailing server will be temporary unavaible for next two days, >to continue receiving mail in these days you have to configure our free >auto-forwarding service. > >For details see the attached file. > >Attached file protected with the password for security reasons. Password is 55366. > >Cheers, > The mydomain team http://www.mydomain > >----------iwmrgskpbqjqjvtotrwg >Content-Type: application/octet-stream; name="TextDocument.zap" >Content-Transfer-Encoding: Content-Disposition: attachment; filename="TextDocument.zap" > >some zipped bad file here= > >----------iwmrgskpbqjqjvtotrwg-- > > > I Forgot to mention My current email provider for this list scrubs my email without letting us know it so they can still sell us antivirus subscritption service on phone bill damn capatalist buzzards How am I supposed to get my AV samples ;-) [change list email addresses steve] :-D
Powered by blists - more mailing lists