homeGeek CultureWebstoreeCards!Forums!Joy of Tech!AY2K!webcam

Forum Home Post A Reply

my profile | directory login | | search | faq | forum home


» The Geek Culture Forums! » News, Reviews, Views! » Rants, Raves, Rumors! » It can happen to anyone » Post A Reply


Post A Reply
Login Name:
Password (max 13 characters):
Message Icon: Icon 1     Icon 2     Icon 3     Icon 4     Icon 5     Icon 6     Icon 7    
Icon 8     Icon 9     Icon 10     Icon 11     Icon 12     Icon 13     Icon 14    
Message:

HTML is not enabled.
UBB Code™ is enabled.

 

Instant Graemlins Instant UBB Code™
Smile   Frown   Embarrassed   Big Grin   Wink   Razz  
Cool   Roll Eyes   Mad   Eek!   Confused   Happytears  
blush   Beard of Peter Gabriel!   crazy   tired   ohwell   evil  
shake head   cry baby   hearts   weep   devil wand   thumbsup  
thumbsdown   Geek   Applause   Angel   Envy    
Insert URL Hyperlink - UBB Code™   Insert Email Address - UBB Code™
Bold - UBB Code™   Italics - UBB Code™
Quote - UBB Code™   Code Tag - UBB Code™
List Start - UBB Code™   List Item - UBB Code™
List End - UBB Code™   Image - UBB Code™

What is UBB Code™?
Options


Disable Graemlins in this post.


 


T O P I C     R E V I E W
The Famous Druid
Member # 1769
 - posted February 24, 2010 17:41
I just received the latest technical support newsletter for a product I use, that's written by an old mate of mine from my university days. If the newsletter is to be believed, he's gone out of the software development, and is now in the Russian Bride biz.

quote:
Marry gorgeous Russian girls now...
11 new profiles added this week

PWNED!

I did some work for this guy a few years ago, he's far more paranoid about network security than I am, and his network is secured within an inch of it's life.

If this can happen to him, it can happen to anyone.
 
TheMoMan
Member # 1659
 - posted February 24, 2010 17:59
____ So TFD, did they hackers really get into his system, or did they intercept enough of his mailings to set up a spoof???
 
Metasquares
Member # 4441
 - posted February 24, 2010 20:06
Are you sure they didn't just forge the from address? Is it from the mailserver he usually sends from? (i.e. do the SMTP headers make sense?)
 
GameMaster
Member # 1173
 - posted February 24, 2010 20:24
Along w/ Metasquares questions, did the newsletters (real ones) use BCC or a long TO list? Sounds like spoofing to me.
 
dragonman97
Member # 780
 - posted February 24, 2010 21:24
It's most likely spoofing.

A really screwy thing that I haven't seen in awhile goes like this:
-A person's computer gets compromised
-The 'badware' running on that computer looks at their Outlook [|Express] e-mail
-It picks a message that it finds...any message
-It resends the message with its own stuff shoved inside it...and...
-It picks any two e-mail addresses from the address book or prior messages, and arbitrarily sets one to be the From and one to be the To.

It's actually a clever social engineering trick which has a significantly greater chance of 'conversion' than a purely random message.
 
The Famous Druid
Member # 1769
 - posted February 24, 2010 23:04
Yes guys, from the meager evidence I presented above, it could have been spoofing, but it looks like we were all over-thinking it.

It seems this otherwise well-secured network had not tied down the mailing list interface. Just email your spam to [email protected] and it gets forwarded to everyone on the mailing list.
 
dragonman97
Member # 780
 - posted February 25, 2010 06:31
quote:
Originally posted by The Famous Druid:
Yes guys, from the meager evidence I presented above, it could have been spoofing, but it looks like we were all over-thinking it.

It seems this otherwise well-secured network had not tied down the mailing list interface. Just email your spam to [email protected] and it gets forwarded to everyone on the mailing list.

Ugh. Oh yeah...that. ;P

It's always kind of sad when people forget about listserve security. :/
 




Contact Us | Geek Culture Home Page

© 2018 Geek Culture

Powered by Infopop Corporation
UBB.classicTM 6.4.0



homeGeek CultureWebstoreeCards!Forums!Joy of Tech!AY2K!webcam