Educause Security Discussion mailing list archives

Re: Example of WMF Exploit SPAM Targeting Schools?


From: "H. Morrow Long" <morrow.long () YALE EDU>
Date: Thu, 5 Jan 2006 18:34:53 -0500

We weren't very happy that Mikko put that particular
email message with our domain name in it on F-Secure's
public weblog.  The sender email address is forged and the
content and name at the bottom are completely fictional.

We received many spam and other complaints -- primarily
from recipients in the UK.

Examination of the email headers revealed that most of the
email messages also originated (surprisingly enough) from
UK ISP IP addresses.

Comcast took the webpage with the WMF exploit on it down quickly.

Morrow

On Jan 5, 2006, at 5:50 PM, Gary Flynn wrote:

I thought you might find this interesting. I plan to
incorporate it into some awareness presentations as
an example of mildly targeted social engineering:

http://www.f-secure.com/weblog/archives/archive-012006.html#00000768

I seem to remember some other type of virus or fraud
using a similar message in the past regarding campus
vandalism.

It was also interesting that it also tried exploiting Firefox.

http://www.frsirt.com/exploits/20060101.mozilla_compareto.pm.php


--
Gary Flynn
Security Engineer
James Madison University
www.jmu.edu/computing/security
