Attempts to compromiseTOR servers running windows?
Matt Thorne
mlthorne at gmail.com
Tue Nov 29 23:42:39 UTC 2005
there is a new version of sober that is sending those types of mail
all over the place... you wouldn't think that people would open
them... but oh well. we thought we were being targeted at work and
then did some ressearch and found that one of our suppliers had been
infected and his comp had all of our email addresses on it.
odds are that someone that gets this list has a compromised computer.
On 11/29/05, Harry Hoffman <hhoffman at ip-solutions.net> wrote:
> it's most likely comp'd as we're deflecting upwards of 5000 of these
> messages (same from headers *@fbi.gov, *@cia.gov) per-day from all over
> the net :-(
>
>
> y0himba wrote:
> > My ISP's mail server is getting bombarded with the same garbage. All the
> > messages I am getting are from "defang at localhost", and try to appear (very
> > poorly) from official email addresses like fbi at fbi.gov or
> > webmaster at hotmail.com and so on. They all contain a .zip with an executable
> > and yes, you guessed it, the sober worm. I am wondering if some idiot is
> > doing this intentionally or if a machine has become compromised. The
> > messages I receive are not even addressed to me. I am getting around 3 a
> > minute, and had thousands yesterday. Outlook's junk filters are handling it
> > quite well I must say.
> >
>
More information about the tor-talk
mailing list