lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri Oct 14 17:56:40 2005
From: mlande at bellsouth.net (Mary Landesman)
Subject: IMLogic telling porkies about Yahoo

I can't speak to the IMLogic figures, but these are a few Yahoo IM worms of
which I am aware.

Guap.a
Gunsan
Lile.a
Oscabot.k
StarGames
Velkbot.a
Yimp.a

All but one of these (Gunsan) was reported by antivirus vendors after April
2005.

According to the data I've collected, MSN Messenger users (in large part
because of Kelvir) appear to be the most frequent targets of all Instant
Messenger threats, with 319 IM worms (that I know of) to contend with. AOL
Instant Messenger (AIM) users come in a distant second with 64 IM worms
(that I know of) targeting them. Both ICQ and Yahoo! Messenger take third
place with only 7 IM worms (that I know of) each targeting those chat
clients.

It's probably a better idea to do the research yourself rather than relying
on figures from the client vendors (or even from me, for that matter). This
is all information that is available in various antivirus vendor
encyclopedias; it just requires jumping through search hoops rather than
jumping to conclusions.

-- Mary

----- Original Message ----- 
From: "n3td3v" <xploitable@...il.com>
To: <full-disclosure@...ts.grok.org.uk>
Sent: Friday, October 14, 2005 12:28 PM
Subject: Re: [Full-disclosure] IMLogic telling porkies about Yahoo


On 10/14/05, James Tucker <jftucker@...il.com> wrote:
> Sorry for the extremety of my blunt response, but I have two things to
say:
>
> 1. How the fuck do YOU know any more than they do? Just because you
> obsess over the security factors around a company with which you have
> no affiliation does not put you in any greater authority to make
> statements like those you made there.

I heard it from the horses mouth. Yahoo don't acknowledge the same
stats that IMLogic report on, and Yahoo say IMLogic's findings don't
match that of Yahoo's own stats of their network.

IMLogic can report on something and claim a worm is attacking, but
when Yahoo's people go and look at their network, nothing is actually
taking place!

How many malicious messages do IMLogic record, before they decide
theres a wide spread attack? Thats my question, because even with
reports of worms on Yahoo, none have been seen by Yahoo or users..

Powered by blists - more mailing lists