[prev in list] [next in list] [prev in thread] [next in thread]
List: tccc
Subject: [Tccc] Re: TCCC Mailer might have been hacked
From: "CK ToH" <ck.ieee () doctor ! com>
Date: 2002-11-05 2:19:33
Message-ID: 20021105021933.84185.qmail () mail ! com
[Download RAW message or body]
Dear all,
It has come to my attention that increasingly, we
are getting lots of spam sent to TCCC mailing list.
We will need to improve our system to better deal
with spammers.
Also, the email enclosed below revealed a hacker
who has sent an executable to TCCC mailing list.
The suspected executable is potentially a virus.
What surprised me is that the sender has the address
"Chen <tccc@cs.columbia.edu>" and also
"tccc@comsoc.org". This showed that someone might have
hacked into our system.
I am asking COMSOC to investigate this.
WARNING: Do not attempt to open that executable.
C.K. Toh
TCCC Chair
================================================
Received: from cs.columbia.edu ([61.58.22.50])
by cs.columbia.edu (8.12.6/8.12.6) with SMTP id gA50V0m6020572
for tccc@cs.columbia.edu; Mon, 4 Nov 2002 19:31:01 -0500 (EST)
Message-Id: <200211050031.gA50V0m6020572@cs.columbia.edu>
FROM: Chen <tccc@cs.columbia.edu>
DATE: Tue, 5 Nov 2002 08:35:52+0000
X-Mailer: EBT Reporter v 2.x
TO: tccc@cs.columbia.edu
subject: home
Mime-Version: 1.0
Content-Type: multipart/related;
type="multipart/alternative";
boundary="====_ABC1234567890DEF_===="
X-Priority: 3
X-MSMail-Priority: Normal
X-Unsent: 1
---
[Attachment #3 (text/html)]
<HTML><HEAD></HEAD><BODY bgColor=#ffffff>
<iframe src=cid:EA4DMGBP9p height=0 width=0>
</iframe>Hello,<BR><BR>Product Name: Microsoft Windows 2000<BR>Product Id: \
50293-270-9687714-09837<BR><BR>Process List: <BR>navapsvc Norton AntiVirus \
自動防護服務<BR>NtLmSsp NT LM Security Support Provider<BR>ProtectedStorage Protected \
Storage<BR>SamSs Security Accounts Manager<BR>SysmonLog Performance Logs and \
Alerts<BR>navapsvc Norton AntiVirus 自動防護服務<BR>NtLmSsp NT LM Security Support \
Provider<BR>ProtectedStorage Protected Storage<BR>SamSs Security Accounts \
Manager<BR>SysmonLog Performance Logs and Alerts<BR><BR>Thank you.</BODY></HTML>
[Attachment #4 (unknown)]
MZ������������������@������������������������������������������ !�L!This \
program cannot be run in DOS mode.
$������� y���
��鉏��`��Rich�������������������������PE��L���燨b=�������������������@������������������@��������������� \
����������������v��������������������������������������$w��(�������������������������������������������������������������������������8��� \
�������8���������������������������.text���鴛�����������������������������������������������( \
獥Ⅳ那0TD�鱈,煸IV1言r▲�0言r臻
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic