Full Disclosure mailing list archives
Re: A funny (but real) story for XMAS
From: Ron DuFresne <dufresne () winternet com>
Date: Tue, 16 Dec 2003 09:09:33 -0600 (CST)
None of this should be surprising, especially in the US where rivacy issues are not well understood, nor is there great concern at present in regards to it. When data bases of corporate giants can be hacked and disclose private info of millions, and little fiallout follows, and even governement entities can be struck the same way and again, little fallout results, one small companies problems with private infomantion security will not generate much backlash either. Perhaps change will come when those tasked with HIPPA regs are audited or get hacked and disclose their information, perhaps...<shrug> Thanks, Ron DuFresne On Mon, 15 Dec 2003, Tri Huynh wrote:
Hi list, One day when I checked my email, I received many emails from a company named wickedservers.com (which is belong to another company called IOport Technologies, LLC). Here is one of their emails : " Your e-mail has been received. A ticketnumber has been created. Would you like to correspond about this matter, please always use this ticketnumber in your subject field: [ts #26205] ------------------------------------------------------------------------- If you have a problem with your server, please make sure you have specified the following information in your e-mail: - Server IP and port - FTP Username - Detailed information about the problem Without the first two, we cannot solve the issue. Please send the information in an email with subject [ts #26205]. ------------------------------------------------------------------------- If you have a problem, make sure you have tried the following: - server restart. This can be done via a RCON QUIT, or a ADMIN QUIT for most games. Correctly configured servers will return within 30 seconds. YOU CAN ALSO RESTART BY GOING TO HTTP://<SERVERIP>:20000 LOGIN WITH FTP USER AND PASS - check the server logs when these are available (server.log or ucc.log). Information in these files can be valuable to solve a problem. - checked the forums at http://forum.gameservers.net. Most questions are already solved by others......blah blah blah" It looks like somebody using my email to register their service because I didn't register or even known such a service (I always have myself to be the victim so I can investigate cybercrime easily). By looking at the email, I could tell that the bad guy also generated a customer support request. I decided to go to the company website to contact their staff. One the website, they also supports "live help" under the form of chatting. And here is our conversation: ** You are now speaking with Gunner, Support. ** Gunner : Hello trihuynh : hi trihuynh : my email is trihuynh () zeeup com trihuynh : and today i start receiving email form you guys trihuynh : but i don't know anything or register anything with your service trihuynh : i want to know what is going on Gunner : That was an e-mail glitch that is now corrected. Thank you for the notification. trihuynh : ???? trihuynh : how comes my email receive your info ? trihuynh : is somebody using my personal info to register here ? Gunner : that I do not know trihuynh : can you check who is registered with the email: trihuynh () zeeup com Gunner : I don't have that information, sorry trihuynh : so what i should do now ? trihuynh : somebody uses my email to register here Gunner : The e-mail problem you mentioned was corrected. trihuynh : but...how can you guys have my emails ? Gunner : you will no longer get e-mails Gunner : that I do not know trihuynh : how can you do not know ? Gunner : Our mail server was compromised Gunner : and is now fixed Gunner : problem is gone Gunner : thank you trihuynh : i still don't understand though trihuynh : how can you have my email Gunner : that's go, all you need to know is it is now fixed Gunner : That's ok** trihuynh : what is the company address ? Gunner : it's on our website Your party has left this session. <---- He quits chatting with me It looks like this comapany doesn't give a damn about information privacy, and there is also a possibility that they are the spammers too. If you guys have have any info about this company, please contact trihuynh () zeeup com and i love to gather more evidences about their privacy malpractices. Trihuynh Sentryunion "Join www.osvdb.org to make a better non-corporated vulnerability database since CERT sucks ! " _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ "Cutting the space budget really restores my faith in humanity. It eliminates dreams, goals, and ideals and lets us get straight to the business of hate, debauchery, and self-annihilation." -- Johnny Hart ***testing, only testing, and damn good at it too!*** OK, so you're a Ph.D. Just don't touch anything. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- A funny (but real) story for XMAS Tri Huynh (Dec 15)
- Re: A funny (but real) story for XMAS Christopher Parker (Dec 16)
- Re: A funny (but real) story for XMAS Cael Abal (Dec 16)
- Re: A funny (but real) story for XMAS proidg (Dec 18)
- Re: A funny (but real) story for XMAS Exibar (Dec 16)
- Re: A funny (but real) story for XMAS Gregory A. Gilliss (Dec 16)
- Re: A funny (but real) story for XMAS Ron DuFresne (Dec 16)
- RE: A funny (but real) story for XMAS Chris DeVoney (Dec 17)
- Re: A funny (but real) story for XMAS Cael Abal (Dec 16)
- Re: A funny (but real) story for XMAS Valdis . Kletnieks (Dec 18)
- RE: A funny (but real) story for XMAS Bill Royds (Dec 18)
- Re: A funny (but real) story for XMAS Christopher Parker (Dec 16)
- Re: A funny (but real) story for XMAS Ron DuFresne (Dec 16)
- <Possible follow-ups>
- Re: A funny (but real) story for XMAS Jeffrey . Stebelton (Dec 16)
- Re: A funny (but real) story for XMAS KF (Dec 16)
- Re: A funny (but real) story for XMAS madsaxon (Dec 16)
- Re: A funny (but real) story for XMAS Kurt Seifried (Dec 16)
- OSVDB (was [Funny Story]) Gregory A. Gilliss (Dec 16)
- Re: A funny (but real) story for XMAS Kurt Seifried (Dec 16)
- RE: A funny (but real) story for XMAS Schmehl, Paul L (Dec 16)
- Symantec Manhunt ? Frederic Charpentier (Dec 16)
- Re: Symantec Manhunt ? misiu_ (Dec 16)
- Re: Symantec Manhunt ? Clint Bodungen (Dec 16)
- Re: Symantec Manhunt ? misiu_ (Dec 16)
- Symantec Manhunt ? Frederic Charpentier (Dec 16)