[funsec] GoDaddy fights back against a hacker attack that hit 445 web sites
Thomas J. Raef
traef at wewatchyourwebsite.com
Mon Sep 26 08:22:34 CDT 2011
I was thinking the same thing.
I've tested a program called iepv.exe and it allows you to see the saved
password in IE. I'm sure hackers either use that or something very similar
to steal (harvest) account credentials.
Thomas J. Raef
<http://www.wewatchyourwebsite.com/> We Watch Your Website
"We Watch Your Website - so you don't have to!"
traef at wewatchyourwebsite.com
847.728.0214
From: funsec-bounces at linuxbox.org [mailto:funsec-bounces at linuxbox.org] On
Behalf Of Larry Seltzer
Sent: Monday, September 26, 2011 7:12 AM
To: Joel Esler
Cc: FunSec List
Subject: Re: [funsec] GoDaddy fights back against a hacker attack that hit
445 web sites
It seems to me the most likely thing is that this collection of credentials
was obtained through conventional means like keyloggers or phishing.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://linuxbox.org/pipermail/funsec/attachments/20110926/28b315b8/attachment.htm
More information about the funsec
mailing list