| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 7 Aug 2008 17:20:38 -0700
From: "James Matthews" <nytrokiss@...il.com>
To: az-guy@...hmail.com
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: No subject
It;s the new facebook friend adder
On Wed, Aug 6, 2008 at 3:11 PM, <az-guy@...hmail.com> wrote:
> Not just Rouge apps, it's much more widespread: other colors such
> as magenta, mauve, fuschia, and even the extremes of pink and
> purple can also be impacted.
>
> On Wed, Aug 6, 2008 at 2:56 PM, John C. A. Bambenek, GCIH, CISSP
> <bambenek.infosec@...il.com> wrote:
>
> What's the infection vector? URL Link? Rouge Facebook app?
>
> On Wed, Aug 6, 2008 at 4:44 PM, Gadi Evron <ge@...uxbox.org>
> wrote:
>
> Hi all.
>
> There's a facebook (possibly worm) something malicious
> sending fake
> messages from real users (friends).
>
> The sample also has a remote drop site (verified by someone
> who shall
> remain nameless).
>
> This is possibly zlob, not verified. Thanks Nick
> Bilogorskiy for his help.
>
> Infection sites seen so far are on .pl domains.
>
> The AV industry will soon add detection.
> Facebook's security folks are very capable, so I am not
> worried on that
> front.
>
> It's not that we didn't expect this for a long time now,
> but...
> Be careful. Some users know to be careful in email.. but
> not on facebook.
>
> Note: unlike 2003 when we called everything a worm and the
> 90s when
> everything was a virus--this is a bot which also
> spreads/infects on facebook.
>
> Gadi.
>
>
> --
> "You don't need your firewalls! Gadi is Israel's firewall."
> -- Itzik (Isaac) Cohen, "Computers czar", Senior Deputy
> to the Accountant General,
> Israel's Ministry of Finance, at the government's
> CIO conference, 2005.
>
> (after two very funny self-deprication quotes, time to
> even things up!)
>
> My profile and resume:
> http://www.linkedin.com/in/gadievron
> _______________________________________________
> Fun and Misc security discussion for OT posts.
> https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
> Note: funsec is a public and open mailing list.
>
>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
> --
> Click here for great computer networking solutions!
>
> http://tagline.hushmail.com/fc/Ioyw6h4fM6mUaUAfTcWMkR2Fx209IMXh1QMeRcp6eoXffMEOga9j6I/
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
--
http://www.goldwatches.com/
Content of type "text/html" skipped
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists