lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <404E03A6.9010707@nbnet.nb.ca>
From: smenard at nbnet.nb.ca (Steve Menard)
Subject: Has anyone seen this in their e-mail

Steve Menard wrote:

>>  
>>
> I Suspect that it is a targetted long term attack
> against higher targets
> see the one below from march 3,2004
>
> I saw this one the other day
> I thought the guys I hosted with wrote better english
> Suspicious fromthe start
>
>From - Wed Mar  3 08:48:00 2004
>X-UIDL: &jJ"!-ek"!S[/"!8>c!!
>X-Mozilla-Status: 1001
>X-Mozilla-Status2: 10000000
>Return-Path: <lisa4@....rr.com>
>Received: from techsp05 ([203.177.127.113])
>	by changed.not (8.10.2/8.9.3) with SMTP id i23CZqe08455
>	for <me@...omain>; Wed, 3 Mar 2004 08:35:53 -0400
>Date: Wed, 03 Mar 2004 20:43:45 +0800
>To: me@...omain
>Subject: Notify about using the e-mail account.
>From: noreply@...omain
>Message-ID: <ocsgoycxukouajqfnbr@...omain>
>MIME-Version: 1.0
>Content-Type: multipart/mixed;
>        boundary="--------iwmrgskpbqjqjvtotrwg"
>X-UIDL: &jJ"!-ek"!S[/"!8>c!!
>
>----------iwmrgskpbqjqjvtotrwg
>Content-Type: text/plain; charset="us-ascii"
>Content-Transfer-Encoding: 7bit
>
>Dear user  of e-mail server "mydomain.xx",
>
>Our main  mailing server will  be temporary unavaible for next two days, 
>to continue receiving mail in these days you have  to configure our free
>auto-forwarding  service.
>
>For details see the attached file.
>
>Attached file protected with the  password for security reasons.  Password is 55366.
>
>Cheers,
>     The mydomain team                                http://www.mydomain
>
>----------iwmrgskpbqjqjvtotrwg
>Content-Type: application/octet-stream; name="TextDocument.zap"
>Content-Transfer-Encoding: Content-Disposition: attachment; filename="TextDocument.zap"
>
>some zipped bad file here=
>
>----------iwmrgskpbqjqjvtotrwg--
>
>  
>


I Forgot to mention
My current email provider for this list
scrubs my email without letting us know it

so they can still sell us antivirus subscritption service on phone bill

damn capatalist buzzards
How am I supposed to get my AV samples ;-)

[change list email addresses steve]   :-D

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ