lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <81acdca6b6120b2a774c2502e8fbcd45@remail.amessage.info>
From: anonymous at remail.amessage.info (Max Mustermann)
Subject: RE: Spam Solution

Larry Seltzer wrote:

> SMTP AUTH cracking and using the ISP account? Not that it can't and won't be done, but
> I'm aware of no actual examples. Could you cite one please?

Correct me if I'm wrong. One worm some time ago even _asked_ users to enter
their SMTP AUTH credentials. And it spread quite well. Attach a spam engine 
and reduce its spreading rate to stay under the AV radar as long as 
possible and you're set.

Was it SWEN? Or one of the encrypted ZIP thingies? I can't remember but it 
happened.


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ