lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <45AD20B3.3050000@kennedyinfo.com>
Date: Tue, 16 Jan 2007 14:00:03 -0500
From: Troy Cregger <tcregger@...nedyinfo.com>
To: full-disclosure@...ts.grok.org.uk
Subject: Re: Grab a myspace credential

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

HAHA! Yeah, I had just updated to firefox 2 before I went to the
phishing page and got the warning. It kinda threw me for a moment when
that happened :) but I think it's a great feature for protecting the
innocent and stupid alike.


Steven Scheffler wrote:
> If you dig into google's cache you will see that
> http://www.marcolano.com/login/ has a spoofed myspace.com login screen
> where ppl enter their credentials. These are saved in a plain text file
> myspace.txt.
> 
> Firefox2 warned me about marcolano.com is a phishing site.
> 
> S
> 
> -----Original Message-----
> From: full-disclosure-bounces@...ts.grok.org.uk
> [mailto:full-disclosure-bounces@...ts.grok.org.uk] On Behalf Of Deepan
> Sent: Tuesday, January 16, 2007 8:56 AM
> To: Peter Dawson
> Cc: full-disclosure@...ts.grok.org.uk
> Subject: Re: [Full-disclosure] Grab a myspace credential
> 
> On Mon, 2007-01-15 at 23:05 -0500, Peter Dawson wrote:
>> "but at some point all this abuse will likely start sending users off
>> to another service. "
>>  
>> thats only --if the know if they are being abused.. most of them are
>> not coherent about any such issues.. 
>>
>>
>>  
>> On 1/15/07, Kevin Pawloski <kpawloski@...il.com> wrote: 
>>         The level of phishing sites targeting MySpace and bot related
> It is not quiet easy to fool 56000+ users using phishing sites. I wonder
> how Mark is doing it. 
> 
> 
> 
>>          activity that has been targeting MySpace lately is pretty
>>         alarming. Granted there is no real financial risk if an
>>         account gets compromised for the user but at some point all
>>         this abuse will likely start sending users off to another
>>         service. 
>>         
>>         Kevin 
>>         
>>         
>>         On 1/15/07, North, Quinn <QNorth@....com> wrote: 
>>
> "youmustbecompleteretards@...ot.com:doyouhonestlythinkiwillputmyrealpass
>>                 wordhere" 
>>                 
>>                 ...at least there is some hope left in the world :-\
>>                 
>>                 --=Q=--
>>                 
>>                 -----Original Message-----
>>                 From: full-disclosure-bounces@...ts.grok.org.uk
>>                 [mailto:full-disclosure-bounces@...ts.grok.org.uk] On
>>                 Behalf Of Emma
>>                 Perdue
>>                 Sent: Monday, January 15, 2007 7:48 AM 
>>                 To: full-disclosure@...ts.grok.org.uk
>>                 Subject: [Full-disclosure] Grab a myspace credential
>>                 
>>                 56000+ and counting
>>                 
>>                 http://www.marcolano.com/login/myspace.txt
>>                 
>>                 --
>>                 *Emma aka TINK*
>>                 
>>                 _______________________________________________
>>                 Full-Disclosure - We believe in it.
>>                 Charter:
>>                 http://lists.grok.org.uk/full-disclosure-charter.html
>>                 Hosted and sponsored by Secunia - http://secunia.com/
>>                 
>>                 _______________________________________________
>>                 Full-Disclosure - We believe in it. 
>>                 Charter:
>>                 http://lists.grok.org.uk/full-disclosure-charter.html
>>                 Hosted and sponsored by Secunia - http://secunia.com/ 
>>         
>>         
>>         
>>         _______________________________________________
>>         Full-Disclosure - We believe in it.
>>         Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>>         Hosted and sponsored by Secunia - http://secunia.com/
>>         
>>
>> _______________________________________________
>> Full-Disclosure - We believe in it.
>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>> Hosted and sponsored by Secunia - http://secunia.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFFrSCznBEWLrrYRl8RAq+oAJ4wJJCP/b+aDeWB8kP9ZlTUPBKClQCcDRmf
e1QTMV6x/H9NrTCKe3LczeA=
=Sb0W
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ