Thursday, September 23

payback ?

I just had to post this for posterity or whatchama call it. (Aside: I'm taking a break. Stop staring at me.) As observed on Slashdot: Spam Opt-out Link Triggers Malicious Code Attack.
  • Someone posts the URL of a site which hosts a terrible javascript drag and drop exploit (for IE only, everyone else is unaffected).
  • Next: someone did a lookup on the address, found the registrar details (it's in Taiwan).
  • Next: someone did a portscan of the IP address which hosts the site, finds some interesting ports opened
  • Next: someone finds that the MySQL port is open.
  • Next: someone else finds out that the test user is left open on the database.
  • Next: someone posts a list of the database contents.
  • Next: the database contents are changing rapidly as various angry slashdotters trash it

There are many messages from this story. I regret the vigilante justice that occured, since there is next to no chance of arresting this spammer/cracker anymore. But, in no particular order, this episode tells me the following:
Don't bother clicking on the opt-out lists for spam, because it just validates your email address for that guy, or for the next bunch of spammers that s/he sells your address to. (Never bothered to click on it anyway)
Don't use IE, for the love of $deity (in all fairness, there was a patch available for this exploit, though)
Do keep your antivirus upto date, the Javascript exploit is detected by most recent AV scanners (including mine).
Don't piss off the Slashdot crowd. Remember BOFH ? That's why.

Remember I told you that the money and the girl was at that address ? I lied.


<< Home