[funsec] Security Fix: Tracking the Password Thieves

Fergie fergdawg at netzero.net
Tue Mar 13 23:31:57 CDT 2007


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Brian Krebs:

[snip]

The Washington Post today ran a story I wrote about an epidemic of data
theft being fueled by password-stealing viruses and phishing attacks. In
some ways, the story behind the reporting that went into the piece is just
as interesting, so I'd like to share a few of those details.

I based the story in part on a cache of stolen data I found online (more on
how I obtained it in a bit). The data was being compiled by a
password-stealing virus that had infected many thousands of computers
worldwide; the particular text file that I found included personal
information on 3,221 victims scattered across all 50 U.S. states.

[snip]

More:
http://blog.washingtonpost.com/securityfix/2007/03/tracking_the_password_th
ieves_1.html

- - ferg

-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.5.3 (Build 5003)

wj8DBQFF93q6q1pz9mNUZTMRAkEDAKD89UxnW6A2tYKU5O9ZWDg69YkB7wCeIECV
z/fMFsnKdTkb98lpow1uESk=
=9Jk6
-----END PGP SIGNATURE-----



--
"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet
 fergdawg(at)netzero.net
 ferg's tech blog: http://fergdawg.blogspot.com/




More information about the funsec mailing list