lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date: Tue May 10 22:31:12 2005
From: toddtowles at brookshires.com (Todd Towles)
Subject: Firefox & Mozilla  Advisory

I was just taking a guess at what could have happened. But it sounds
like it would work. You buy www.google.com.net and then you wait for
their DNS to mess up and you get thousands and thousands of hits to your
spyware site. Possible Passive Pharming attack?

Anyone know for sure what happen? 

> -----Original Message-----
> From: full-disclosure-bounces@...ts.grok.org.uk 
> [mailto:full-disclosure-bounces@...ts.grok.org.uk] On Behalf 
> Of Ben Vaisvil
> Sent: Tuesday, May 10, 2005 3:07 PM
> To: full-disclosure@...ts.grok.org.uk
> Subject: Re: [Full-disclosure] Firefox & Mozilla Advisory
> 
> Engadget.com was claiming (incorrectly) that google got 
> hacked 
> http://64.233.167.104/search?q=cache:aAAhpPYRP5cJ:www.engadget
> .com/entry/1234000610042620/+engadget+google+hacked&hl=en
> 
> Didn't take long for baseless speculation!
> 
> Todd Towles wrote:
> > Well, the patch the mozilla server was modified to fix the 
> issue. Paul 
> > told everyone the whole story about it on here yesterday. I heard 
> > about this on the weekend.
> > 
> > I am surprised no one has talked about the Google DNS issue. Users 
> > were tricked into going to SoGoSearch.com because of IE's 
> great domain 
> > search function. When IE can't find a site, it starts to 
> search. Well, 
> > SoGoSearch.com owns www.google.com.net, and therefore that is why 
> > people were getting spyware/adware junk.
> > 
> >  
> > 
> > 
> >>-----Original Message-----
> >>From: full-disclosure-bounces@...ts.grok.org.uk
> >>[mailto:full-disclosure-bounces@...ts.grok.org.uk] On Behalf Of 
> >>Morning Wood
> >>Sent: Tuesday, May 10, 2005 1:21 PM
> >>To: P Ellison; full-disclosure@...ts.grok.org.uk
> >>Subject: Re: [Full-disclosure] Firefox & Mozilla Advisory
> >>
> >>wtf???  - - - - this HAS BEEN PATCHED
> >>
> >>no "heads-up" needed ( you missed the boat by a week )
> >>
> >>BUT THANKS FOR PLAYING!
> >>
> >>
> >>----- Original Message -----
> >>From: "P Ellison" <peter.jfactu@...nternet.com>
> >>To: <full-disclosure@...ts.grok.org.uk>
> >>Sent: Tuesday, May 10, 2005 9:21 AM
> >>Subject: [Full-disclosure] Firefox & Mozilla Advisory
> >>
> >>_______________________________________________
> >>Full-Disclosure - We believe in it.
> >>Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> >>Hosted and sponsored by Secunia - http://secunia.com/
> >>
> > 
> > _______________________________________________
> > Full-Disclosure - We believe in it.
> > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> > Hosted and sponsored by Secunia - http://secunia.com/
> 
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ