Security Incidents mailing list archives
Re: netbuie.exe, scorpionsearch.com and fastcounter.bcentral.com
From: "Rainer Duffner" <rainer () ultra-secure de>
Date: Wed, 08 May 2002 08:39:13 +0000
Edwards, David (JTS) writes:
Hi,-----Original Message----- From: Nick FitzGerald [mailto:nick () virus-l demon co uk]If they don't, you clearly need to revise your site's judgments about who is worthy of having admin (equivalent) passwords.Hmmm, who rattled your chain.. Are you saying that theonly way this incident could have happened is if one of our administrators stuffed up?
An educated guess would be someone with admin-rights surfing warez & p0rn-sites and "infecting" himself through the automatic installation of said trojan via a IE-feature or vulnerability (or social engineering). People in Germany are often plagued by this, but here, the programs change the default ISP-number in Windoze to a number that is subject to varying arbitrary charges and thus resulting in horrendous phone bills.
cheers, Rainer -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Rainer Duffner Munich rainer () ultra-secure de Germany http://www.i-duffner.de Freising ======================================== When shall we three meet again In thunder, lightning, or in rain?~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service.For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Current thread:
- netbuie.exe, scorpionsearch.com and fastcounter.bcentral.com Edwards, David (JTS) (May 07)
- Re: netbuie.exe, scorpionsearch.com and fastcounter.bcentral.com Rainer Duffner (May 07)
- Re: netbuie.exe, scorpionsearch.com and fastcounter.bcentral.com H C (May 07)
- Re: netbuie.exe, scorpionsearch.com and fastcounter.bcentral.com Nick FitzGerald (May 07)
- Re: netbuie.exe, scorpionsearch.com and fastcounter.bcentral.com Brian McWilliams (May 09)
- <Possible follow-ups>
- RE: netbuie.exe, scorpionsearch.com and fastcounter.bcentral.com Edwards, David (JTS) (May 07)
- Re: netbuie.exe, scorpionsearch.com and fastcounter.bcentral.com Rainer Duffner (May 08)
- RE: netbuie.exe, scorpionsearch.com and fastcounter.bcentral.com Edwards, David (JTS) (May 08)