[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] ShellCode-Exploit deleivery over TOR

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] ShellCode-Exploit deleivery over TOR
From: krishna e bera <keb@xxxxxxxxxxxxxx>
Date: Sat, 12 Nov 2016 16:42:06 -0500
Delivered-to: archiver@xxxxxxxx
Delivery-date: Sat, 12 Nov 2016 16:44:29 -0500
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cyblings.on.ca; s=google; h=subject:to:references:from:message-id:date:user-agent:mime-version :in-reply-to:content-transfer-encoding; bh=LPr0WoKdFXcAFKtP1Kqi2VDpkdWOyGOh91LlvlCKjlw=; b=geyLxe4xm+MAeFpwO8v739RXFlRxWOrPulk/inisRcNnKVTtL2AWHc/+deZF6ux4bf snhahGz+09TMDWVwWcEKDpib1X7XFvdaAz22lhYoVkDro5D/OGzuA6gJeDRNFUM7TJPz IeL8incVg4y6Rw1+NLifS/+18csnODGLuKb94=
In-reply-to: <KWPTgOo--3-0@tuta.io>
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <KWPTgOo--3-0@tuta.io>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Icedove/45.4.0

On 12/11/16 04:40 PM, John Doe wrote:

Recently, Istumble relatively often over a message by my Antivirus
that a file was removedfrom the TB “doomed” cache, where binary
files like images are cached. These filesseem to contain an exploit
like “Win32/ShellCode.A”. Firstly Iassumed a bad exit node that
tampers with the content. But the alerts came in frequently and on
several exit nodes. Now Isuspect something like malicious add
banners. Maybe in combination with adetection function for TOR exit
node IPs.

What sites did you visit recently using TB? Maybe they were the sourceof infections. I am happy to check them using a non-Windows computer.


--
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Follow-Ups:
- Re: [tor-talk] ShellCode-Exploit deleivery over TOR
  - From: John Doe

References:
- [tor-talk] ShellCode-Exploit deleivery over TOR
  - From: John Doe

Prev by Author: Re: [tor-talk] is it compulsory to enable bridges or apps VPN mode on orbot
Next by Author: Re: [tor-talk] Richard Chirgwin @ theregister.co.uk: "Judge orders FBI to reveal whether White House launched 'Tor pedo' torpedo exploits"
Previous by thread: [tor-talk] ShellCode-Exploit deleivery over TOR
Next by thread: Re: [tor-talk] ShellCode-Exploit deleivery over TOR
Index(es):
- Author
- Thread