Re: [tor-bugs] #12458 [general]: phishing/trademark/malware violation at torbrowserproject.org



#12458: phishing/trademark/malware violation at torbrowserproject.org
-------------------------+-------------------------------------------------
     Reporter:  phobos   |      Owner:  phobos
         Type:  defect   |     Status:  new
     Priority:  normal   |  Milestone:
    Component:  general  |    Version:
   Resolution:           |   Keywords:  trademark violation, phishing,
Actual Points:           |  malware
       Points:           |  Parent ID:
-------------------------+-------------------------------------------------

Comment (by phobos):

 {{{
 More technical details from reddit:

 "As we all could probably already guess, the exe on this site is
 backdoored. It makes a bunch of requests to 162.251.80.25
 (cp-14.webhostbox.net) from port 3841 on your machine. After that, I am
 seeing messages sent to 185.15.246.132 (nordns.com). Finally, I'm also
 seeing communication to 192.240.104.151.

 It looks like the exe may have been packed with the legitimate version of
 the installer as well as the malware, so the end user isn't supposed to
 suspect anything."
 }}}

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/12458#comment:1>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs