Interesting People mailing list archives

Previous By Date Next
Previous By Thread Next

How compromised Facebook logins are already being used

From: Dave Farber <dfarber () me com>
Date: Thu, 29 Apr 2010 15:08:32 -0400




Begin forwarded message:


From: Rob portil <Rob () OrbitalWeb com>
Date: April 29, 2010 12:35:48 PM EDT
To: dave () farber net
Subject: How compromised Facebook logins are already being used




The email I got yesterday (below) shows how hackers/spammers can use these hacked logins.

I got this message from a friend on Facebook (yes, he is actually a Facebook friend and the email did come from 
Facebook).

 

It turns out Ken had nothing to do with it. Spammers had his login and posted this message to many of his friends.

 

If you go to the link (I altered it so someone wouldn’t go there accidently from this email) what you find is a 
YouTube lookalike site that appears to be loading a video, then stops and says you need a newer version of Flash and 
attempts to download an executable file.

Being in the development business I knew my Flash software was current and know better than to let any site run an 
executable.

But it would potentially seem plausible to a non-tech person that their friend wanted them to see this video and that 
they didn’t have the current version of Flash and that they should allow the download.

 

This approach would potentially get even those with updated systems and virus protection to download and run 
executables and get them into the botnet system.

 

 

Rob Portil

Orbital Web

408-256-3630

Rob () OrbitalWeb com

 

 

 

 

From: Facebook [mailto:notification+oj4s2o2c () facebookmail com] 
Sent: Wednesday, April 28, 2010 6:35 AM
To: Rob Portil
Subject: Ken Hayes sent you a message on Facebook...

 

facebook

Ken sent you a message.



Ken HayesApril 28, 2010 at 8:35am

Subject: I couldn’t s top laugh i ng when I s aw your a s s !

http://www.facebook.com/l/9cc6e;fotoplanet.it/crazytv/#191



 




-------------------------------------------
Archives: https://www.listbox.com/member/archive/247/=now
RSS Feed: https://www.listbox.com/member/archive/rss/247/
Powered by Listbox: http://www.listbox.com
Previous By Date Next
Previous By Thread Next

Current thread: