[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <9E97F0997FB84D42B221B9FB203EFA27D50C9C@dc1ms2.msad.brookshires.net>
Date: Tue May 10 22:31:12 2005
From: toddtowles at brookshires.com (Todd Towles)
Subject: Firefox & Mozilla Advisory
I was just taking a guess at what could have happened. But it sounds
like it would work. You buy www.google.com.net and then you wait for
their DNS to mess up and you get thousands and thousands of hits to your
spyware site. Possible Passive Pharming attack?
Anyone know for sure what happen?
> -----Original Message-----
> From: full-disclosure-bounces@...ts.grok.org.uk
> [mailto:full-disclosure-bounces@...ts.grok.org.uk] On Behalf
> Of Ben Vaisvil
> Sent: Tuesday, May 10, 2005 3:07 PM
> To: full-disclosure@...ts.grok.org.uk
> Subject: Re: [Full-disclosure] Firefox & Mozilla Advisory
>
> Engadget.com was claiming (incorrectly) that google got
> hacked
> http://64.233.167.104/search?q=cache:aAAhpPYRP5cJ:www.engadget
> .com/entry/1234000610042620/+engadget+google+hacked&hl=en
>
> Didn't take long for baseless speculation!
>
> Todd Towles wrote:
> > Well, the patch the mozilla server was modified to fix the
> issue. Paul
> > told everyone the whole story about it on here yesterday. I heard
> > about this on the weekend.
> >
> > I am surprised no one has talked about the Google DNS issue. Users
> > were tricked into going to SoGoSearch.com because of IE's
> great domain
> > search function. When IE can't find a site, it starts to
> search. Well,
> > SoGoSearch.com owns www.google.com.net, and therefore that is why
> > people were getting spyware/adware junk.
> >
> >
> >
> >
> >>-----Original Message-----
> >>From: full-disclosure-bounces@...ts.grok.org.uk
> >>[mailto:full-disclosure-bounces@...ts.grok.org.uk] On Behalf Of
> >>Morning Wood
> >>Sent: Tuesday, May 10, 2005 1:21 PM
> >>To: P Ellison; full-disclosure@...ts.grok.org.uk
> >>Subject: Re: [Full-disclosure] Firefox & Mozilla Advisory
> >>
> >>wtf??? - - - - this HAS BEEN PATCHED
> >>
> >>no "heads-up" needed ( you missed the boat by a week )
> >>
> >>BUT THANKS FOR PLAYING!
> >>
> >>
> >>----- Original Message -----
> >>From: "P Ellison" <peter.jfactu@...nternet.com>
> >>To: <full-disclosure@...ts.grok.org.uk>
> >>Sent: Tuesday, May 10, 2005 9:21 AM
> >>Subject: [Full-disclosure] Firefox & Mozilla Advisory
> >>
> >>_______________________________________________
> >>Full-Disclosure - We believe in it.
> >>Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> >>Hosted and sponsored by Secunia - http://secunia.com/
> >>
> >
> > _______________________________________________
> > Full-Disclosure - We believe in it.
> > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> > Hosted and sponsored by Secunia - http://secunia.com/
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
Powered by blists - more mailing lists