Branching out.

Jun 09 2010 Published by jayras under Posts

Last couple of days have been interesting on the Phish Front (heh…or is that Phish Phront…I kill me…)

I received a dangerous Phish regarding my Facebook account.  It’s a copy of the REAL e-mail, right down to the graphics and the formatting.

The link, of course, was anything but Facebook.

Interestingly enough, the SMTP Server used for this phish was Bagcrafters.

Quick Google shows that one version of the Homepage is X-Cart, and another version is Replica (Fake) Bags.

eh…who knows, maybe the hacker can’t hack selling fake bags so decided to branch out into the fake e-mail market (Oh ya, I kill me…)

I also received a Phish for “Lord of the Rings Online”, which is a game I’ve never played.

This e-mail has to be the worst crafted Phish on the planet.

The e-mail’s “Reply To” is Codemaster, which in my limited research actually shows it as a competitor to Turbine, and has no affiliation with Turbine or Lord of the Rings Online.

(Do a search for the game on Codemaster’s site and you get a couple of screenshot links and that’s it.)

The fake link the Phish is drawing you to is also a misspelling of Codemaster instead of Turbine.

And then, the Body of the e-mail.  Oh Boy…

Again, I don’t have a Turbine Account nor do I play Lord of the Rings Online, but the body of the e-mail is exactly the e-mail I get when I change my Battle.net password.
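The tells described above (a Reply-To that belongs to someone other than the claimed sender, a link that goes somewhere other than the brand, and a link domain that is a near-miss spelling of a real one) can be checked mechanically. This is an added example, not part of the original post; the sample message and every domain in it are constructed placeholders, and the function names are hypothetical.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

# Constructed sample: every address and domain here is a made-up placeholder.
SAMPLE = '''From: "Example Game Support" <support@examplegame.example>
Reply-To: accounts@otherpublisher.example
Subject: Your password has been changed
Content-Type: text/html; charset="utf-8"

<p>If you did not request this change, go to
<a href="http://login.otherpublisherr.example/reset">https://examplegame.example/account</a></p>
'''

def reg_domain(host):
    # Simplification: keep the last two labels (real code should use the Public Suffix List).
    return ".".join((host or "").lower().strip(".").split(".")[-2:])

def edit_distance(a, b):
    # Plain Levenshtein distance, used to spot near-miss spellings of a known domain.
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def addr_domain(header_value):
    return reg_domain(parseaddr(header_value or "")[1].rpartition("@")[2])

def check_message(raw, brand_domains):
    """Return (rule, detail) findings for a message claiming to be from brand_domains."""
    msg = message_from_string(raw)
    findings = []
    reply = addr_domain(msg["Reply-To"])
    if reply and reply != addr_domain(msg["From"]):
        findings.append(("reply-to-mismatch", reply))
    known = set(brand_domains) | ({reply} if reply else set())
    body = "".join(p.get_payload(decode=True).decode(p.get_content_charset() or "utf-8", "replace")
                   for p in msg.walk() if p.get_content_maintype() == "text")
    for href, text in re.findall(r'<a\s[^>]*href="([^"]+)"[^>]*>(.*?)</a>', body, re.I | re.S):
        target = reg_domain(urlparse(href).hostname)
        if target not in brand_domains:
            findings.append(("link-off-brand", target))
        shown = reg_domain(urlparse(text.strip()).hostname)
        if shown and shown != target:
            findings.append(("link-text-mismatch", f"{shown} -> {target}"))
        for k in known:
            if 0 < edit_distance(target, k) <= 2:
                findings.append(("lookalike-domain", f"{target} ~ {k}"))
    return findings
```

Calling `check_message(SAMPLE, {"examplegame.example"})` reports all four findings for the constructed message.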

One final word for today:
Symantec is reporting an increase in Phish Spam going out in the wild in regards to the World Cup.  So, be leery of updates for the World Cup out of the blue promising you some cool updates or cool video footage.  It could very well be a lure to get your keys.  More info here:

http://www.symantec.com/connect/blogs/spammers-begin-their-games-early


Database of 210,000 WOW Accounts found.

May 27 2010 Published by jayras under Posts

Symantec, in pursuit of a lead of a key logger, ran into a server with a DB that had 44 Million different login credentials of several games.  Out of those, 210,000 were World of Warcraft Accounts.

There’s no way to tell if these are still valid credentials or not, nor is anyone sure of the source of all these credentials (Probably from several different sources.)

However, along with this Symantec has discovered the owner of the DB was using a “Bot net” using a malware hack called “Trojan.Loginck” which receives information from this DB, attempts to perform logins to various games sites and sends back information if they are successful.

This would allow the owner of the DB to check and validate these 44 million credentials, otherwise going through this manually (Even with all his friends) would take years.  Especially if the gaming sites noticed a ton of login attempts from the same IP Address and decided to investigate and block the IPs.

Source:

http://www.symantec.com/connect/blogs/44-million-stolen-gaming-credentials-uncovered
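From the game site's side, the difference between one IP hammering logins and a botnet spreading the same checks across many machines shows up in which rule fires. This is an added example, not from the original post or from Symantec; the log format, the sample lines and the thresholds are all constructed assumptions.

```python
from collections import defaultdict

# Constructed login log (timestamp, source IP, account, result); the format is hypothetical.
ONE_SOURCE = [f"2010-05-27T10:00:{i:02d} 198.51.100.7 user{i} FAIL" for i in range(20)]
SPREAD_OUT = [f"2010-05-27T10:00:{i:02d} 203.0.113.{i + 1} user{i} FAIL" for i in range(20)]
NORMAL = [f"2010-05-27T10:01:{i:02d} 192.0.2.{i + 1} player{i} OK" for i in range(30)] + \
         ["2010-05-27T10:02:00 192.0.2.40 player40 FAIL", "2010-05-27T10:02:05 192.0.2.40 player40 OK"]

def parse(lines):
    # Yield (source IP, account, succeeded) for each log line.
    for line in lines:
        _ts, ip, account, result = line.split()
        yield ip, account, result == "OK"

def noisy_sources(lines, max_accounts=5):
    """Per-IP rule: sources that tried more distinct accounts than the assumed limit."""
    accounts = defaultdict(set)
    for ip, account, _ in parse(lines):
        accounts[ip].add(account)
    return sorted(ip for ip, seen in accounts.items() if len(seen) > max_accounts)

def sitewide_check(lines, max_fail_rate=0.25, min_failed_accounts=10):
    """Aggregate rule: many distinct accounts failing at once, whatever the source IPs are."""
    total = fails = 0
    failed_accounts, sources = set(), set()
    for ip, account, ok in parse(lines):
        total += 1
        if not ok:
            fails += 1
            failed_accounts.add(account)
            sources.add(ip)
    rate = fails / total if total else 0.0
    alert = rate > max_fail_rate and len(failed_accounts) >= min_failed_accounts
    return {"alert": alert, "fail_rate": round(rate, 2),
            "failed_accounts": len(failed_accounts), "sources": len(sources)}
```

With the constructed data, the per-IP rule flags the single noisy source but returns nothing for the spread-out run, which only the site-wide check catches.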
