[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Attempts to compromiseTOR servers running windows?

there is a new version of sober that is sending those types of mail
all over the place... you wouldn't think that people would open
them... but oh well. we thought we were being targeted at work and
then did some ressearch and found that one of our suppliers had been
infected and his comp had all of our email addresses on it.

odds are that someone that gets this list has a compromised computer.

On 11/29/05, Harry Hoffman <hhoffman@xxxxxxxxxxxxxxxx> wrote:
> it's most likely comp'd as we're deflecting upwards of 5000 of these
> messages (same from headers *@fbi.gov, *@cia.gov) per-day from all over
> the net :-(
> y0himba wrote:
> > My ISP's mail server is getting bombarded with the same garbage.  All the
> > messages I am getting are from "defang@localhost", and try to appear (very
> > poorly) from official email addresses like fbi@xxxxxxx or
> > webmaster@xxxxxxxxxxx and so on.  They all contain a .zip with an executable
> > and yes, you guessed it, the sober worm.  I am wondering if some idiot is
> > doing this intentionally or if a machine has become compromised.  The
> > messages I receive are not even addressed to me.  I am getting around 3 a
> > minute, and had thousands yesterday.  Outlook's junk filters are handling it
> > quite well I must say.
> >