Full Disclosure mailing list archives
Re: MyDoom Email targets
From: merlyn () stonehenge com (Randal L. Schwartz)
Date: 27 Jan 2004 10:41:41 -0800
"Scott" == Scott Manley <djsnm () djsnm com> writes:
Scott> I've noticed I'm getting a load of messages to my catch all domains Scott> with addresses like adam@.... joe@.... sandra@.... - it's highly Scott> unlikely that this would be part of anyone's address book - is there Scott> some mechanism in the worm to try and propagate to random e-mail Scott> within a domain? Yes, it's scraping address books, text files, and does a dictionary attack as well. Mean and viscious this one is. Much worse than sobig. -- Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095 <merlyn () stonehenge com> <URL:http://www.stonehenge.com/merlyn/> Perl/Unix/security consulting, Technical writing, Comedy, etc. etc. See PerlTraining.Stonehenge.com for onsite and open-enrollment Perl training! _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- MyDoom Email targets Scott Manley (Jan 27)
- RE: MyDoom Email targets Geo. (Jan 27)
- Re: MyDoom Email targets madsaxon (Jan 27)
- Re: MyDoom Email targets Randal L. Schwartz (Jan 27)
- <Possible follow-ups>
- RE: MyDoom Email targets Jos Osborne (Jan 28)