Full Disclosure mailing list archives
Re: MyDoom Email targets
From: madsaxon <madsaxon () direcway com>
Date: Tue, 27 Jan 2004 12:02:49 -0600
At 09:26 AM 1/27/2004 -0800, Scott Manley wrote:
I've noticed I'm getting a load of messages to my catch all domains with addresses like adam@.... joe@.... sandra@.... - it's highly unlikely that this would be part of anyone's address book - is there some mechanism in the worm to try and propagate to random e-mail within a domain?
Yeah, here's a list of the names it can use, from a copy I got and UPX/ROT-13 decoded: sandra linda julie jimmy jerry helen debby claudia brenda anna alice brent adam ted fred jack bill stan smith steve matt dave dan joe jane bob robert peter tom ray mary serg brian jim maria leo jose andrew sam george david kevin mike james michael alex john accoun certific list servntivi support icrosoft admin page the.bat gold-certs cafeste submit not help service privacy somebody nosoft contacts iterating bugs me you your someone anyone nothing nobody noone webmaster postmaster samples info root be_loyal: mozilla There are a lot of interesting strings in this thing. ;-) m5x _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- MyDoom Email targets Scott Manley (Jan 27)
- RE: MyDoom Email targets Geo. (Jan 27)
- Re: MyDoom Email targets madsaxon (Jan 27)
- Re: MyDoom Email targets Randal L. Schwartz (Jan 27)
- <Possible follow-ups>
- RE: MyDoom Email targets Jos Osborne (Jan 28)