Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

RE: RE: SUPER SPOOF DELUXE Re: Microsoft and Security
From: "Mark Laurence" <m.laurence () groveindependentschool co uk>
Date: Fri, 2 Jul 2004 09:49:29 +0100

I think the most likely scenario for the windows update thing would be that
you would click on a link from a site you are surfing that advises you to
install the latest updates by visiting windowsupdate. You follow the link,
address bar looks good so you have no reason to expect a problem. 
The malicious link would have inserted a frame that looks like the scan for
updates page, the user follows the scan for updates, installs what he thinks
is a legit security update, which is in fact a piece of spyware or a trojan.
User reboots and thinks nothing of it....in the meantime he has become a
host for a load of p0rn or a gateway for hackers to use for anything they
want.
IMO anyway
Mark

-----Original Message-----
From: full-disclosure-admin () lists netsys com 
[mailto:full-disclosure-admin () lists netsys com] On Behalf Of 
http-equiv () excite com
Sent: 02 July 2004 03:52
To: full-disclosure () lists netsys com
Subject: RE: RE: SUPER SPOOF DELUXE Re: [Full-disclosure] 
Microsoft and Security



What an utterly pathetic scenario you present. Obviously 
you're blissfully unaware of the current security trend of 
site spoofing, 'phishing', url spoofing, DNS spoofing, zone 
spoofing and on and on and on.

and of course now very the latest 'security expert spoofing' !

 <!-- 

"Your subject makes it sound like this is a spoofing vulnerability"

You have to look at the prerequisite attack scenario. You are 
surfing to some random site and out of nowhere it opens 
WellsFargo.com or WindowsUpdate. At this point you are 
thinking one of 2 things, either 

"What the.. I didn't go to WindowsUpdate/WellsFargo .. Let me 
just close that window .. Damn popups" 

or 

"Hey how nice, WindowsUpdate/WellsFargo magically appeared in 
front of me and I didn't even intend to go there .. I was 
just surfing for porn .. Let me hurridly download some stuff 
from there and give it my account details"

 -->



--
http://www.malware.com





_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

---
Incoming mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.656 / Virus Database: 421 - Release Date: 09/04/2004
 


---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.656 / Virus Database: 421 - Release Date: 09/04/2004
 

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault