Full Disclosure mailing list archives
Anybody else getting trojans from someone masquerading as fyodor?
From: Mark <markc () beigebox liquidev com>
Date: Tue, 14 Feb 2006 10:32:58 -0500
I've received two messages in the past few hours from 59.144.22.69, pretending to be from fyodor () insecure org. Both contain a binhex'd UPX packed SCR attachment. Is it just me? Headers below: Return-Path: <fyodor () insecure org> X-Original-To: markc () liquidev com Delivered-To: markc () liquidev com Received: from dallas (unknown [59.144.22.69]) by beigebox.liquidev.com (Postfix) with SMTP id 8F3CF174035 for <markc () liquidev com>; Tue, 14 Feb 2006 13:37:32 +0000 (GMT) From: "fyodor" <fyodor () insecure org> To: <markc () liquidev com> Subject: Fwd: image.jpg MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="----=_NextPart_2.38107085227966E-02" Message-Id: <20060214133732.8F3CF174035 () beigebox liquidev com> Date: Tue, 14 Feb 2006 13:37:32 +0000 (GMT) Return-Path: <fyodor () insecure org> X-Original-To: markc () liquidev com Delivered-To: markc () liquidev com Received: from dallas (unknown [59.144.22.69]) by beigebox.liquidev.com (Postfix) with SMTP id 9CC80174035 for <markc () liquidev com>; Tue, 14 Feb 2006 15:21:21 +0000 (GMT) From: "fyodor" <fyodor () insecure org> To: <markc () liquidev com> Subject: eBook.pdf MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="----=_NextPart_4.75740075111389E-02" Message-Id: <20060214152121.9CC80174035 () beigebox liquidev com> Date: Tue, 14 Feb 2006 15:21:21 +0000 (GMT) Thanks, -Mark _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Anybody else getting trojans from someone masquerading as fyodor? Mark (Feb 14)