Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Setting the record straight on "The Return of Koobface"
From: "Mr. Hinky Dink" <dink () mrhinkydink com>
Date: Sat, 20 Mar 2010 13:15:09 -0400

Today I ran across this article...

http://www.nst.com.my/Current_News/NST/articles/20100320160620/Article/index_html

... in which it is noted that Kaspersky Labs "recently discovered the 
resurgence of the malicious programme (Koobface) and sounded the alarm."

Gentlemen, I beg to differ.

I first mentioned the resurgence of Koobface on February 23rd, 2010 here...

http://proxyobsession.net/?p=827

I admit I did not "sound the alarm".  I simply lol'd because Koobface is one 
sign of the EPIC FAIL of the security industry.

Just ask Dancho Danchev.  He's made quite a name for himself by doing 
absolutely nothing worthwhile about Koobface except raising his won blood 
pressure spewing vitriol about "The Koobface Gang" (sorry, Danny, but I'm 
not part of "the gang".  I'm just another BlogSpot loser).

For those wondering, I am not a hacker.  I am a Big Time Security 
Professional (you may remember me if you Google "Websense Policy Bypass" - 
unfortuantely those bastards at Warner Brothers killed the soundtrack to my 
YouTube video).  But I am at heart a skeptic, disappointed at what the 
security industry has become.  I created my Proxy List 
(http://www.mrhinkydink.com/proxies.htm) two years ago as a tool for an as 
yet unpublished paper on open SOCKS proxies in the wild.  It has had the 
unintended side effect of tracking the spread of Koobface, since Kooberz 
proxies exclusively (until this month) appear on TCP port 8085.  And it has 
tracked it quite well.

I'd like to take this opportunity to say "Hello" (no, not "GREETZ") to all 
the Cameroonian Puppy Scammers (papa Dollars, STARVO, Dabbleed, et. al.) who 
abuse my proxy list.  Enough is enough.  Get a real job, fellas.

http://proxyobession.net
http://mrhinkydink.blogspot.com
http://twitter.com/mrhinkydink  : (Follow me! I have no friends!) :

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]