Full Disclosure mailing list archives

Re: Who should i contact?

From: Joe Stewart <jstewart () lurhq com>
Date: Wed, 5 Jul 2006 08:48:34 -0400

On Wednesday 05 July 2006 04:09, screwedbytaxes () hushmail com wrote:

I've already asked the tax filing company for more information
about any breaches they may have suffered and what other
information may have been exposed. They asked for the source
emails, which I provided, and I have not heard back. This was over
a week ago.

What should I do? What would you do?


Several Bagle variants have a function to collect email addresses from 
files on the infected system and upload them to the author for later 
spamming. This could be one potential vector for such a breach. 

However, before you go busting the filing company, are you sure that 
none of your own systems (which may have contained these addresses in 
an address book or a browser cache) were infected by Bagle at some 
point?

-Joe

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

Who should i contact? screwedbytaxes (Jul 05)
- Re: Who should i contact? Cardoso (Jul 05)
- Re: Who should i contact? Joe Stewart (Jul 05)
- Re: Who should i contact? Valdis . Kletnieks (Jul 05)
- Re: Who should i contact? H D Moore (Jul 05)
- <Possible follow-ups>
- Re: Who should i contact? screwedbytaxes (Jul 05)