Full Disclosure mailing list archives

Re: Fwd: Its time to take rick rolling seriously

From: Ureleet <ureleet () gmail com>
Date: Sun, 27 Apr 2008 15:46:22 -0400

i actually agree with this thread.  but its not just rick rolling.
its any link that anayone sends.

On Sat, Apr 26, 2008 at 4:02 PM, Razi Shaban <razishaban () gmail com> wrote:

Actually, yes.

 I made a video about something similar the other day, you can find it at:

 http://www.youtube.com/watch?v=Yu_moia-oVI

 It elaborates on a few of your ideas, but refutes some others.

 --
 Razi



 On 4/26/08, n3td3v <xploitable () gmail com> wrote:
 > ---------- Forwarded message ----------
 >  From: n3td3v <xploitable () gmail com>
 >  Date: Sat, Apr 5, 2008 at 2:17 AM
 >  Subject: Its time to take rick rolling seriously
 >  To: n3td3v <n3td3v () googlegroups com>
 >
 >
 >  We need a big list of all the rick roll URL's, so we can protect the
 >   public against it.
 >
 >   Network operators need a list of rick roll URL's to add to the block list.
 >
 >   Can someone harvest all the rick roll URL's and post them as one list
 >   for folks to copy&paste into their block lists?
 >
 >   Some of the rick rolls don't go to Youtube, some of them are
 >   sophisticated javascript that we need to clampdown on, so not to waste
 >   productivity and resources on these sites getting executed
 >   accidentally.
 >
 >   If you don't think this is a security issue, its time to wake up.
 >
 >   RICK ROLLING HIGHLIGHTS THE EASE OF PHISHING ATTACKS
 >
 >   If you look at how many hits the Youtube rick roll got alone, then
 >   that goes someway in showing your average joe how easy it is to
 >   compromise folks through phishing.
 >
 >   Sure, it looks harmless enough, but the bottom like is, the Youtube
 >   link (don't click) http://youtube.com/watch?v=eBGIQ7ZuuiU has
 >   generated upto  9,290,352 views in only a few months since the craze
 >   took off via mostly social bookmarking sites such as Digg, Reddit.
 >
 >   Those could easily equal into 9,290,352 malicious phishes, 9,290,352
 >   credit cards and 9,290,352 identity frauds.
 >
 >   Now, what happens if the cyber criminals catch onto the rick roll and
 >   start "cyber rolling" everyone with malicious code or links to a
 >   forged banking site, then that's really going to be bad.
 >
 >   So who is keeping track of rick rolling, so it doesn't turn into a
 >   "cyber roll" where folks get compromised?
 >
 >   The media and others should use the rick rolling as a wake up call as
 >   to how easy it is for folks to be fooled, and if its just rick ashley
 >   this time, it might be more than "never gonna give you up" next time,
 >   because it could be your cyber security and bank info you're giving up
 >   in the future, so i'm calling on network security professionals and
 >   the media to use rick rolling as a highlight case of the dangers posed
 >   by social engineering and phishing by hackers, which can ultimately
 >   lead to data loss and disaster. rick rolling should be used to
 >   highlight awareness of the threat posed by link-based-phishing towards
 >   your everyday average single mom, retired couple or the 9,290,352
 >   folks who have to date been "rick rolled", who are the next
 >   potentially phished.
 >
 >   And, not all, rick rolling could be used be an attacker to see how
 >   gullible his target is to links, before carrying out a full on
 >   phishing attack, so there are many issues here with rick rolling which
 >   the security community may not have grasped up till now.
 >
 >   If you think its stupid, 9,290,352 were and thats alarming says n3td3v.
 >
 >   There are stupid people out there and rick rolling could be an easy
 >   way to find the stupid people before your ultimate attack.
 >
 >   Carry on the uses of rick rolling below this e-mail by cyber attackers
 >   and the indications its giving out to folks on how easy phishing and
 >   socialing engineering really is on the internet today.
 >
 >   I see a new craze of "cyber rolling" coming which hackers can exploit
 >   and i'm not sure if I like it very much, its fun and games at the
 >   moment, but just wait to the hackers catch on and things develop with
 >   the rick roll trend.
 >
 >   I'm worried, are you?
 >
 >   All the best,
 >
 >   n3td3v
 >
 >  _______________________________________________
 >  Full-Disclosure - We believe in it.
 >  Charter: http://lists.grok.org.uk/full-disclosure-charter.html
 >  Hosted and sponsored by Secunia - http://secunia.com/
 >

 _______________________________________________
 Full-Disclosure - We believe in it.
 Charter: http://lists.grok.org.uk/full-disclosure-charter.html
 Hosted and sponsored by Secunia - http://secunia.com/


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

Fwd: Its time to take rick rolling seriously n3td3v (Apr 25)
- Re: Fwd: Its time to take rick rolling seriously Razi Shaban (Apr 26)
  - Re: Fwd: Its time to take rick rolling seriously Ureleet (Apr 27)
- Re: Fwd: Its time to take rick rolling seriously mcwidget (Apr 28)
- <Possible follow-ups>
- Re: Fwd: Its time to take rick rolling seriously MiW Mailing Lists (Apr 28)