[LINK] People lie more on the phone than by email

Chirgwin, Richard Richard.Chirgwin at informa.com.au
Mon Feb 16 14:41:19 EST 2004 

Dan - thanks. I guess that it went around a lot today, and a lot of people
were checking Samspade, which is why I couldn't get to samspade.org to check
the URL!

Very, very nasty indeed.

The notion of the "tragedy of the commons" is that legitimate users say
"stuff you jack" and bring in their own cows at the expense of others'. This
is more an armed occupation of the commons: turds like this made themselves
at home overnight and beat up on anyone who wanders by...

RC

> -----Original Message-----
> From: Daniel Rose [mailto:drose at nla.gov.au] 
> Sent: Monday, February 16, 2004 12:15 PM
> To: 'Irene Graham'; link at anu.edu.au
> Subject: RE: [LINK] People lie more on the phone than by email
> 
> 
> Take the RHS (snip up to @) to get 
> 1075686747
> Which an algorithm
> (http://www.netdemon.net/decode.cgi?url=http%3A%2F%2F107568674
> 7) tells me is
> an obfuscation of 64.29.173.91
> 
> Which you should NOT VISIT without caution.  The HTML gives a 
> 550 error, but
> loads a Trojan "BlackBox.class"
> 
> A superficial google yields:
> 
> "This is a hostile java applet that is detected by anti-virus 
> scanners as
> JAVA_Bytverify.A, code which takes advantage of the MS03-011 
> vulnerability
> announced on April 9, 2003. Visitors with a vulnerable 
> Microsoft Java VM
> would have fallen prey to this code."
> 
> Seems likely enough.
> 
> Xxx:yyy at 64.29.173.91 gives the same result, so this is a 
> trojan spreader,
> and an apparently very effective one.
> 
> How many people would happily click that link, get the error, 
> worry all day
> about the investigation then forget the whole thing?
> 
> I didn't bother with a lookup, the machine may well be 
> cracked and used
> without permission anyway.
> 
> I find the ease of infection depressing, as I bet even most 
> linkers browse
> with Java ON.
> 
> So not only "don't click links, you'll get more SPAM" but "don't click
> links, you can get owned."
> 
> 
> Regards,
> 
> 
> Daniel Rose                     62621599
> Postmaster/Helpdesk
> National Library of Australia
> 
> 
> 
> 
> -----Original Message-----
> From: Irene Graham [mailto:rene.lk at libertus.net] 
> Sent: Monday, 16 February 2004 12:56 PM
> To: link at anu.edu.au
> Subject: Re: [LINK] People lie more on the phone than by email
> 
> 
> On Mon, 16 Feb 2004 12:27:00 +1100 jeff.evans at iird.vic.gov.au wrote:
> 
> >
> >I'm curious to know if others have received a similar spam; 
> 
> I received 4 copies yesterday sent to 4 different EFA 
> addresses, two of
> which
> were to the -admin and -owner addresses of EFA public email discussion
> lists,
> not to individual's addresses.
> 
> [...]
> >Push an emotional button and sign up for more spam now!
> >
> >   http://federalpolice.com:article872@1075686747
> >
> >   or at:
> >
> >   http://0100.035.0255.0133
> 
> Those URLs are identical to the ones on the 4 copies I 
> received, so it's not
> apparent how clicking on them could result in "sign up for 
> more spam now",
> however, I have no intention of the clicking on them.
> 
> Irene
> 
> _______________________________________________
> Link mailing list
> Link at mailman.anu.edu.au
> http://mailman.anu.edu.au/mailman/listinfo/link
> _______________________________________________
> Link mailing list
> Link at mailman.anu.edu.au
> http://mailman.anu.edu.au/mailman/listinfo/link
>

More information about the Link mailing list