Security Incidents mailing list archives
AIM Password theft
From: Mark Coleman <markc () uniontown com>
Date: Tue, 23 Sep 2003 10:53:59 -0400
I just started investigating a report that appears to have merit of a username/password theft of AIM accounts.
Users are being directed to a web page located at www.haxr.org where the source appears to run a javascript program that is proportedly stealing AIM usernames/passwords/buddy lists.
Does anyone have any information related to www. haxr.org or the technique being used? Please be careful when visiting the page, it pulls script off of a yahoo site.
I am finding nothing in any of the initial searches that I am doing. Any help/insight would be greatly appreciated. -Mark Coleman --------------------------------------------------------------------------- ----------------------------------------------------------------------------
Current thread:
- AIM Password theft Mark Coleman (Sep 23)
- Re: AIM Password theft Lothar Kimmeringer (Sep 23)
- Re: AIM Password theft Jamie Pratt (Sep 24)
- Re: AIM Password theft Valdis . Kletnieks (Sep 24)
- Re: AIM Password theft Meritt James (Sep 25)
- Re: AIM Password theft VU#865940 CERT(R) Coordination Center (Sep 25)
- Re: AIM Password theft Jamie Pratt (Sep 24)
- Re: AIM Password theft Lothar Kimmeringer (Sep 23)
- <Possible follow-ups>
- RE: AIM Password theft Andrew McKnight (Sep 24)
- Re: [incidents] RE: AIM Password theft Tim Kennedy (Sep 24)
- Re: AIM Password theft Rick Updegrove (Sep 24)
- Re: AIM Password theft Meritt James (Sep 25)
- RE: AIM Password theft Bergeron, Jared (Sep 24)