Full Disclosure mailing list archives

Re: Grab a myspace credential

From: "Steven Scheffler" <steven () forwardslash com>
Date: Tue, 16 Jan 2007 14:42:31 +0200


If you dig into google's cache you will see that
http://www.marcolano.com/login/ has a spoofed myspace.com login screen
where ppl enter their credentials. These are saved in a plain text file
myspace.txt.

Firefox2 warned me about marcolano.com is a phishing site.

S

-----Original Message-----
From: full-disclosure-bounces () lists grok org uk
[mailto:full-disclosure-bounces () lists grok org uk] On Behalf Of Deepan
Sent: Tuesday, January 16, 2007 8:56 AM
To: Peter Dawson
Cc: full-disclosure () lists grok org uk
Subject: Re: [Full-disclosure] Grab a myspace credential

On Mon, 2007-01-15 at 23:05 -0500, Peter Dawson wrote:

"but at some point all this abuse will likely start sending users off
to another service. "
 
thats only --if the know if they are being abused.. most of them are
not coherent about any such issues.. 


 
On 1/15/07, Kevin Pawloski <kpawloski () gmail com> wrote: 
        The level of phishing sites targeting MySpace and bot related

It is not quiet easy to fool 56000+ users using phishing sites. I wonder
how Mark is doing it.

         activity that has been targeting MySpace lately is pretty
        alarming. Granted there is no real financial risk if an
        account gets compromised for the user but at some point all
        this abuse will likely start sending users off to another
        service. 
        
        Kevin 
        
        
        On 1/15/07, North, Quinn <QNorth () iso com> wrote:

"youmustbecompleteretards () idiot com:doyouhonestlythinkiwillputmyrealpass

                wordhere" 
                
                ...at least there is some hope left in the world :-\
                
                --=Q=--
                
                -----Original Message-----
                From: full-disclosure-bounces () lists grok org uk
                [mailto:full-disclosure-bounces () lists grok org uk] On
                Behalf Of Emma
                Perdue
                Sent: Monday, January 15, 2007 7:48 AM 
                To: full-disclosure () lists grok org uk
                Subject: [Full-disclosure] Grab a myspace credential
                
                56000+ and counting
                
                http://www.marcolano.com/login/myspace.txt
                
                --
                *Emma aka TINK*
                
                _______________________________________________
                Full-Disclosure - We believe in it.
                Charter:
                http://lists.grok.org.uk/full-disclosure-charter.html
                Hosted and sponsored by Secunia - http://secunia.com/
                
                _______________________________________________
                Full-Disclosure - We believe in it. 
                Charter:
                http://lists.grok.org.uk/full-disclosure-charter.html
                Hosted and sponsored by Secunia - http://secunia.com/ 
        
        
        
        _______________________________________________
        Full-Disclosure - We believe in it.
        Charter: http://lists.grok.org.uk/full-disclosure-charter.html
        Hosted and sponsored by Secunia - http://secunia.com/
        

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

-- 
-----------------------------------------------
Regards
Deepan Chakravarthy N
http://www.codeshepherd.com/
http://sudoku-solver.net/

I am a programmer by day,
I dig grave for other programmers by night.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
This e-mail message is confidential and intended solely for the person to whom or the entity to which it is addressed. 
All the contents and any attachments remain the property of VR Services (Pty) Ltd unless so stated by contract.
If you are not the intended recipient, you are prohibited from reading, copying, using or disclosing this message to 
others. 
If you received this message in error, please notify the sender immediately by replying to this e-mail or by 
telephoning +27 21 528 9300 and thereafter delete the message. VR Services (Pty) Ltd does not accept liability for any 
personal views expressed in this message.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

Grab a myspace credential Emma Perdue (Jan 15)
- <Possible follow-ups>
- Re: Grab a myspace credential North, Quinn (Jan 15)
  - Re: Grab a myspace credential Alex (Jan 15)
    - Re: Grab a myspace credential Jason Miller (Jan 15)
  - Re: Grab a myspace credential Kevin Pawloski (Jan 15)
    - Re: Grab a myspace credential Peter Dawson (Jan 15)
    - Re: Grab a myspace credential Deepan (Jan 15)
    - Re: Grab a myspace credential Dagmar d'Surreal (Jan 16)
    - Re: Grab a myspace credential Steven Scheffler (Jan 16)
    - Re: Grab a myspace credential Troy Cregger (Jan 16)
    - Re: Grab a myspace credential wac (Jan 16)
    - Re: Grab a myspace credential K F (lists) (Jan 16)
    - Re: Grab a myspace credential Sûnnet Beskerming (Jan 17)
    - Re: Grab a myspace credential Troy Cregger (Jan 18)
- Re: Grab a myspace credential Juha-Matti Laurio (Jan 16)