Full Disclosure mailing list archives
Re: [funsec] nasty infection from following link if anyone is interested
From: David Alanis <canito () dalan us>
Date: Thu, 26 Nov 2009 03:59:41 -0600
Dragos Ruiu wrote:
Haha, and then you included his clickable link in your message inclusion. Tsk, Tsk. <chuckle> cheers, --dr On 25-Nov-09, at 12:16 PM, Juha-Matti Laurio wrote:Your modifications doesn't prevent your link to be clickable in all mail clients. Please use methods http : // and/or archive1329101302 , heddasq next time... Juha-Matti RandallM [randallm () fidmail com] kirjoitti:one of my sales people fell for a "someone posted a picture of you" emails. Got a real nasty that came with, according to malwarebytes, "Pawnd.bot and Backdoor.bot". Havent checked it out yet but thought I would share it. The link is this: (REMOVETHISFIRST http: // archive1329101302 , heddasq,eu/photo- hosting/) -- been great, thanks a.k.a System_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/-- World Security Pros. Cutting Edge Training, Tools, and Techniques Vancouver, Canada March 22-26 http://cansecwest.com Amsterdam, Netherlands June 16/17 http://eusecwest.com pgpkey http://dragos.com/ kyxpgp _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
I don't understand what is so funny about that or where you find the humor in knowing some less intuitive user at your company can cause a lot of damage to your network!?!?! Randall is simply sharing the information he's gathered. Here is the one message I received from an offshore colleague through my facebook account. Note that since I no longer have a facebook (mostly cause its a security risk) account and I suggested they follow some type of incident management plan with her machine. -------------------- Hey, some jerk has posted your pictures (u understand what kind of pictures are there) and sent a link of them to all ur friends. I have already replied back. Said, that he is an indiot. See the link: http://ehuvinuru.digitalzones.com/fozogaly.html Take care........ -------------------- That link took me to some server out in Brazil and it wanted me to install some type of flash player... I didn't really have the time to look into it just to see what it would do and where it would take me so if this is your cup of tea, have at it. Cheers, SDA _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: [funsec] nasty infection from following link if anyone is interested Juha-Matti Laurio (Nov 25)
- Re: [funsec] nasty infection from following link if anyone is interested Dragos Ruiu (Nov 25)
- Re: [funsec] nasty infection from following link if anyone is interested David Alanis (Nov 26)
- Re: [funsec] nasty infection from following link if anyone is interested Dragos Ruiu (Nov 25)