Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: Has anyone seen this in their e-mail
From: Steve Menard <smenard () nbnet nb ca>
Date: Tue, 09 Mar 2004 13:49:26 -0400

Steve Menard wrote:

I Suspect that it is a targetted long term attack
against higher targets
see the one below from march 3,2004

I saw this one the other day
I thought the guys I hosted with wrote better english
Suspicious fromthe start

From - Wed Mar  3 08:48:00 2004
X-UIDL: &jJ"!-ek"!S[/"!8>c!!
X-Mozilla-Status: 1001
X-Mozilla-Status2: 10000000
Return-Path: <lisa4 () cfl rr com>
Received: from techsp05 ([])
        by changed.not (8.10.2/8.9.3) with SMTP id i23CZqe08455
        for <me () mydomain>; Wed, 3 Mar 2004 08:35:53 -0400
Date: Wed, 03 Mar 2004 20:43:45 +0800
To: me () mydomain
Subject: Notify about using the e-mail account.
From: noreply () mydomain
Message-ID: <ocsgoycxukouajqfnbr () mydomain>
MIME-Version: 1.0
Content-Type: multipart/mixed;
X-UIDL: &jJ"!-ek"!S[/"!8>c!!

Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit

Dear user  of e-mail server "mydomain.xx",

Our main mailing server will be temporary unavaible for next two days, to continue receiving mail in these days you have to configure our free
auto-forwarding  service.

For details see the attached file.

Attached file protected with the  password for security reasons.  Password is 55366.

    The mydomain team                                http://www.mydomain

Content-Type: application/octet-stream; name="TextDocument.zap"
Content-Transfer-Encoding: Content-Disposition: attachment; filename="TextDocument.zap"

some zipped bad file here=


I Forgot to mention
My current email provider for this list
scrubs my email without letting us know it

so they can still sell us antivirus subscritption service on phone bill

damn capatalist buzzards
How am I supposed to get my AV samples ;-)

[change list email addresses steve]   :-D

Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]