Full Disclosure mailing list archives
RE: Virus Outbreak Attacking MS05-039 WIN2K
From: "Todd Towles" <toddtowles () brookshires com>
Date: Mon, 15 Aug 2005 11:29:27 -0500
That is very possible, but a "update" would have to be made to the bot client to get this webserver on the box with a phishing site. So why not just wait and do the DNS poison when the website is up and working, instead of before...this just tells people that something is wrong. It doesn't help the worm, it is just leftover junk from the Mytob - as Joe pointed out. -Todd ________________________________ From: full-disclosure-bounces () lists grok org uk [mailto:full-disclosure-bounces () lists grok org uk] On Behalf Of Jan Nielsen Sent: Monday, August 15, 2005 11:14 AM To: full-disclosure () lists grok org uk Subject: RE: [Full-disclosure] Virus Outbreak Attacking MS05-039 WIN2K Perhaps the next phase of the virus is a phishing attack to get people to go to a local webserver initiated by the virus to capture login/credentials from those site ? Jan -----Original Message----- From: Andrew Smith [mailto:andrew.rse () gmail com] Sent: 15. august 2005 17:27 To: Mike Cc: full-disclosure () lists grok org uk Subject: Re: [Full-disclosure] Virus Outbreak Attacking MS05-039 WIN2K Can anyone explain why this virus chooses to block ebay, amazon and paypal? This seems foolish if the intention is to remain on the compromised host un-noticed.
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Virus Outbreak Attacking MS05-039 WIN2K Mike (Aug 15)
- Re: Virus Outbreak Attacking MS05-039 WIN2K Andrew Smith (Aug 15)
- RE: Virus Outbreak Attacking MS05-039 WIN2K Jan Nielsen (Aug 15)
- Re: Virus Outbreak Attacking MS05-039 WIN2K Joe Stewart (Aug 15)
- <Possible follow-ups>
- RE: Virus Outbreak Attacking MS05-039 WIN2K Todd Towles (Aug 15)
- RE: Virus Outbreak Attacking MS05-039 WIN2K Todd Towles (Aug 15)
- RE: Virus Outbreak Attacking MS05-039 WIN2K auto447062 (Aug 16)
- Re: Virus Outbreak Attacking MS05-039 WIN2K Andrew Smith (Aug 15)