lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <81acdca6b6120b2a774c2502e8fbcd45@remail.amessage.info> From: anonymous at remail.amessage.info (Max Mustermann) Subject: RE: Spam Solution Larry Seltzer wrote: > SMTP AUTH cracking and using the ISP account? Not that it can't and won't be done, but > I'm aware of no actual examples. Could you cite one please? Correct me if I'm wrong. One worm some time ago even _asked_ users to enter their SMTP AUTH credentials. And it spread quite well. Attach a spam engine and reduce its spreading rate to stay under the AV radar as long as possible and you're set. Was it SWEN? Or one of the encrypted ZIP thingies? I can't remember but it happened.