nanog mailing list archives
Re: BKA Wiesbaden - Abteilung Cybercrime (Not sure if this is a phishing E-mail or real...)
From: "Glen A. Pearce" <nanog () ve4 ca>
Date: Wed, 26 Apr 2023 19:53:13 -0600
On 24/04/2023 10:24 a.m., Niels Bakker wrote:
* nanog () ve4 ca (Glen A. Pearce) [Mon 24 Apr 2023, 17:42 CEST]:Well, I eventually had a friend open the attachment on his Linux machineNot necessarily a safe idea: https://www.welivesecurity.com/2023/04/20/linux-malware-strengthens-links-lazarus-3cx-supply-chain-attack/(scroll down to "Operation DreamJob with a Linux payload", sadly no anchors)-- Niels.
Thanks for the heads up on that. My situation (in this one case) was a little different from the example in the article you sent as I had already verified it was a text file (and not another type masquerading as a text file with funny characters). I was just
concerned because I was wondering if someone had found a way to compromiseWindows Notepad (or at least some versions of it because Microsoft likes to keep changing things). I still kinda wonder now if there is some vulnerability in Microsoft Notepad somewhere because of a "feature" someone decided to add along the way
that nobody needed and almost nobody known about.... The link you included might still save someone a lot of headaches one day.I checked with my friend, what he did was use Linux on a virtual machine with a static hard drive then started "Nano" at the command line and used that to open the file I sent him. He's a lot more expert than me so I tend to trust that he knows what he's doing even if he doesn't fill me in on all the details. I guess in this case he figured he didn't need to fill me in on them until I asked. Though I did pass on the article you
sent in case it's relevant to something he encounters in the future. -- Glen A. Pearce gap () ve4 ca Network Manager, Webmaster, Bookkeeper, Fashion Model and Shipping Clerk. Very Eager 4 Tees http://www.ve4.ca ARIN Handle VET-17
Current thread:
- BKA Wiesbaden - Abteilung Cybercrime (Not sure if this is a phishing E-mail or real...) Glen A. Pearce (Apr 03)
- Re: BKA Wiesbaden - Abteilung Cybercrime (Not sure if this is a phishing E-mail or real...) Suresh Ramasubramanian (Apr 03)
- Re: BKA Wiesbaden - Abteilung Cybercrime (Not sure if this is a phishing E-mail or real...) Stefan Giera (Apr 03)
- Re: BKA Wiesbaden - Abteilung Cybercrime (Not sure if this is a phishing E-mail or real...) Bjoern Franke via NANOG (Apr 03)
- Re: BKA Wiesbaden - Abteilung Cybercrime (Not sure if this is a phishing E-mail or real...) Glen A. Pearce (Apr 24)
- Re: BKA Wiesbaden - Abteilung Cybercrime (Not sure if this is a phishing E-mail or real...) Niels Bakker (Apr 24)
- Re: BKA Wiesbaden - Abteilung Cybercrime (Not sure if this is a phishing E-mail or real...) Jim Shankland (Apr 24)
- Re: BKA Wiesbaden - Abteilung Cybercrime (Not sure if this is a phishing E-mail or real...) Glen A. Pearce (Apr 26)
- Re: BKA Wiesbaden - Abteilung Cybercrime (Not sure if this is a phishing E-mail or real...) Niels Bakker (Apr 24)