[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] Possible First Crypto Virus Definitely Discovered!

To: <full-disclosure@xxxxxxxxxxxxxxxx>
Subject: Re: [Full-Disclosure] Possible First Crypto Virus Definitely Discovered!
From: "Micah McNelly" <micah@xxxxxxxxx>
Date: Tue, 8 Jun 2004 15:32:20 -0700

Greatest post of all time.

/me claps.

/m
----- Original Message -----
From: "Goudie, Derek" <derek.goudie@xxxxxxxxxxxx>
To: <full-disclosure@xxxxxxxxxxxxxxxx>
Sent: Tuesday, June 08, 2004 1:54 PM
Subject: RE: [Full-Disclosure] Possible First Crypto Virus Definitely
Discovered!


> Thanks!  I needed that....
>
> -----Original Message-----
> From: Jakob Jünger [mailto:krimskram@xxxxxxxxxx]
> Sent: Tuesday, June 08, 2004 1:01 PM
> To: full-disclosure@xxxxxxxxxxxxxxxx
> Subject: Re: [Full-Disclosure] Possible First Crypto Virus Definitely
> Discovered!
>
> Hi,
>
> I just can admit to what Billy wrote. The Firewall of my PDA is getting
> hot. It plays "Yellow Submarine" everytime I press the escape-key. It
> has to be something like this crypto-thing. I don't know what "crypto"
> means but it seems to be encrypted with EnglishLanguageProtocol.
> Believe me, I have been the administrator of my PDA since I was three
> years old.
>
> Jakob
>
> > Whatever ssl is, I don't know but it's using the so-called "ssl"
> > port on the web servers.
>
> > But this port 443 is not SSH! Why should it be encrypted? And what
> > is this "ssl" thing? I've been in IT for many years and I am now IT
> > Director here at the bank... I would think that I would know what
> > "ssl" would be. I don't think this worm has anything to do with
> > whatever "ssl" is. Does anybody even still use ssl? That's probably
> > why the hackers chose it.
>
> >Sorry to say but it is not! I checked my incoming traffic again this
> morning
> >and the attack on port 443 is still coming in full steam ahead! I
> don't know
> >what's going on, but I am about to block that port on my firewall.
> Some
> >nitwit (probably the idiot that was here before I became IT Director)
> >somehow, for some reason, deliberately opened port 443 on the
> firewalls!
>
> >I am beginning to think that this is the first wave of the new coming
> global
> >crypto-storm!
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
>

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

References:
- RE: [Full-Disclosure] Possible First Crypto Virus Definitely Disc overed!
  - From: Goudie, Derek

Prev by Date: [Full-Disclosure] iDEFENSE Security Advisory 06.08.04: Squid Web Proxy Cache NTLM Authentication Helper Buffer Overflow Vulnerability
Next by Date: Re: [Full-Disclosure] Possible First Crypto Virus Definitely Discovered!
Previous by thread: RE: [Full-Disclosure] Possible First Crypto Virus Definitely Disc overed!
Next by thread: Re: [Full-Disclosure] Possible First Crypto Virus Definitely Discovered!
Index(es):
- Date
- Thread