
The Geek Culture Forums


Topic: It can happen to anyone
The Famous Druid

Gold Hearted SuperFan!
Member # 1769

posted February 24, 2010 17:41
I just received the latest technical support newsletter for a product I use, that's written by an old mate of mine from my university days. If the newsletter is to be believed, he's gone out of software development, and is now in the Russian Bride biz.

quote:
Marry gorgeous Russian girls now...
11 new profiles added this week

PWNED!

I did some work for this guy a few years ago, he's far more paranoid about network security than I am, and his network is secured within an inch of its life.

If this can happen to him, it can happen to anyone.

--------------------
If you watch 'The History Of NASA' backwards, it's about a space agency that has no manned spaceflight capability, then does low-orbit flights, then lands on the Moon.

Posts: 10670 | From: Melbourne, Australia | Registered: Oct 2002  |  IP: Logged
TheMoMan
BlabberMouth, a Blabber Odyssey
Member # 1659

posted February 24, 2010 17:59
So TFD, did the hackers really get into his system, or did they intercept enough of his mailings to set up a spoof???

--------------------
Those who would give up essential liberty to purchase a little temporary safety deserve neither liberty nor safety.


Benjamin Franklin,

Posts: 5836 | From: Just South of the Huron National Forest, in the water shed of the Rifle River | Registered: Sep 2002  |  IP: Logged
Metasquares
Highlie
Member # 4441

posted February 24, 2010 20:06
Are you sure they didn't just forge the from address? Is it from the mailserver he usually sends from? (i.e. do the SMTP headers make sense?)
Posts: 664 | From: Morganville, NJ | Registered: Oct 2005  |  IP: Logged
GameMaster
BlabberMouth, a Blabber Odyssey
Member # 1173

posted February 24, 2010 20:24
Along w/ Metasquares' questions, did the newsletters (real ones) use BCC or a long TO list? Sounds like spoofing to me.

--------------------
My Site

Posts: 3038 | From: State of insanity | Registered: Mar 2002  |  IP: Logged
dragonman97

SuperFan!
Member # 780

posted February 24, 2010 21:24
It's most likely spoofing.

A really screwy thing that I haven't seen in a while goes like this:
- A person's computer gets compromised
- The 'badware' running on that computer looks at their Outlook [|Express] e-mail
- It picks a message that it finds...any message
- It resends the message with its own stuff shoved inside it...and...
- It picks any two e-mail addresses from the address book or prior messages, and arbitrarily sets one to be the From and one to be the To.

It's actually a clever social engineering trick which has a significantly greater chance of 'conversion' than a purely random message.

--------------------
There are three things you can be sure of in life: Death, taxes, and reading about fake illnesses online...

Posts: 9332 | From: Westchester County, New York | Registered: May 2001  |  IP: Logged
The Famous Druid

Gold Hearted SuperFan!
Member # 1769

posted February 24, 2010 23:04
Yes guys, from the meager evidence I presented above, it could have been spoofing, but it looks like we were all over-thinking it.

It seems this otherwise well-secured network had not tied down the mailing list interface. Just email your spam to [email protected] and it gets forwarded to everyone on the mailing list.


Posts: 10670 | From: Melbourne, Australia | Registered: Oct 2002  |  IP: Logged
dragonman97

SuperFan!
Member # 780

posted February 25, 2010 06:31
quote:
Originally posted by The Famous Druid:
Yes guys, from the meager evidence I presented above, it could have been spoofing, but it looks like we were all over-thinking it.

It seems this otherwise well-secured network had not tied down the mailing list interface. Just email your spam to [email protected] and it gets forwarded to everyone on the mailing list.

Ugh. Oh yeah...that. ;P

It's always kind of sad when people forget about listserv security. :/


Posts: 9332 | From: Westchester County, New York | Registered: May 2001  |  IP: Logged
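
The check Metasquares asks about (do the headers back up the From address?) and the fix for the open list interface The Famous Druid describes can be combined into one posting gate for an announce-only list. The sketch below is an added example, not part of any post in the thread and not any list software's own code; the authserv-id, the poster address, the list address and the sample messages are constructed assumptions.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Hypothetical values for illustration; none of these come from the thread.
TRUSTED_AUTHSERV = "mx.lists.example"        # authserv-id stamped by the list's own MTA
ALLOWED_POSTERS = {"editor@vendor.example"}  # the only address allowed to post
PASS_RE = re.compile(
    r"(?:dkim|spf)=pass\b[^;]*?(?:header\.d|smtp\.mailfrom)=([^\s;]+)", re.I)

def authenticated_domains(msg):
    """Domains that passed SPF or DKIM according to our own MTA.
    Assumes the MTA strips inbound headers that already claim its authserv-id."""
    passed = set()
    for value in msg.get_all("Authentication-Results", []):
        authserv, _, results = value.partition(";")
        if authserv.strip().lower() != TRUSTED_AUTHSERV:
            continue  # stamped by some other host: sender-controlled, ignore
        for match in PASS_RE.finditer(results):
            passed.add(match.group(1).rsplit("@", 1)[-1].lower())
    return passed

def list_post_decision(raw_message):
    """Return 'accept' to distribute to the list, 'hold' to queue for moderation."""
    msg = message_from_string(raw_message)
    sender = parseaddr(msg.get("From", ""))[1].lower()
    if sender not in ALLOWED_POSTERS:
        return "hold"  # open posting is the hole described in the thread
    if sender.rsplit("@", 1)[-1] not in authenticated_domains(msg):
        return "hold"  # From names a poster but nothing proves it: likely forged
    return "accept"

def sample(from_addr, auth_results):
    """Build a constructed test message (not a real capture)."""
    return (f"Authentication-Results: {auth_results}\n"
            f"From: {from_addr}\nTo: newsletter@lists.example\n"
            "Subject: Support newsletter\n\nbody\n")

if __name__ == "__main__":
    for frm, ar in [
        ("Editor <editor@vendor.example>", "mx.lists.example; dkim=pass header.d=vendor.example"),
        ("spammer@bulk.example", "mx.lists.example; spf=pass smtp.mailfrom=spammer@bulk.example"),
        ("editor@vendor.example", "mx.attacker.example; dkim=pass header.d=vendor.example"),
    ]:
        print(frm, "->", list_post_decision(sample(frm, ar)))
```

An allowlist of posters alone is not enough, because the From header is sender-controlled; the gate only accepts when the list's own MTA recorded an SPF or DKIM pass for the same domain as the From address.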


All times are Eastern Time  