Be Careful: W32.Netsky.P@mm --> Apprentice Attacks !!!

GeneratriX
Posts: 4238
Joined: Tue Oct 21, 2003 2:07 am
Location: Rosario / Santa Fe / República Argentina

Be Careful: W32.Netsky.P@mm --> Apprentice Attacks !!!

Post by GeneratriX » Sat May 22, 2004 4:50 pm

Our trusty hybrid CISCO firewall setup was detecting tons of:

W32.Netsky.P@mm

...all from the following addresses / subjects:

c246choi@hotmail.com Hi

ryumr@hitel.net Re: Old times

webmaster@ goebay.co.kr Re: Administration

manager@cglink.co.kr Mail Delivery (failure generatrix_vcs@yahoo.com.ar)

Please be careful, and note that the respective account on each message with the virus attachment is probably not a real account, only a fake: a trick that first-time hackers use to put the file in the outbox of a given server (frequently a university's), with the sole interest of getting their victims into trouble.

We have denounced all the attacks from the last six months to the respective government organisms of our country (República Argentina), and to the respective U.S.A. organisms too.

Be careful, since all these accounts are constantly changing the form of their fake proposals, and always use very captivating subjects, trying to get your interest.

Diego


Be Careful With Your eMail Account: Password-Capture Attacks

Post by GeneratriX » Thu May 27, 2004 9:01 pm

All these nice attempts to get the password for your eMail account work the same way: they ask you to click on an address that simulates a page in the context of your mail server, but that in reality only redirects your login/pass data to an eMail account belonging to the hacker who is trying to get control over your account.

I encourage the use of firewalls to divert eMails from unsolicited sources to a protected folder, and to NEVER click on such dumb traps.

As always, I denounce the sources to the U.S.A. and Argentina government organisms, even though I know that the senders are fake. But maybe BIG BROTHER could be interested in tracking the following examples:


support@ systechltd.com Re: Mail Server jue 27-05 41k

stotlerracing@ aol.com Re: Thank you for delivery mié 26-05 40k

linus.torvalds@ helsinki.fi Mail Delivery (failure generatrix_vcs@yahoo.com.ar) mié 26-05 41k


HE he he he he he ! :)... The Linus Torvalds one is my preferred one: maybe the guys are confused by my Yin~Yang SGI logo, and think that I'm a personal friend of Linus! :)

Not my friend, though he is welcome if he writes to me! ;)

