Luigi Auriemma

aluigi.org (ARCHIVE-ONLY FORUM!)
It is currently 19 Jul 2012 14:11

All times are UTC [ DST ]





Forum locked This topic is locked, you cannot edit posts or make further replies.  [ 7 posts ] 
Author Message
 Post subject: MSN phising spam - how does it work ?! whos infected ?
PostPosted: 02 Sep 2009 18:55 

Joined: 24 Sep 2007 02:12
Posts: 1114
Location: http://sethioz.co.uk
recently i got some spam from one of the contacts that is not even in my contact list anymore.
now when i started to think about it, how does it work ? is it virus (malware) in my computer, just making it look like its coming from other person or is other person infected ?
ive got enought of those in past, they look something like "omg is this you ? look this picture looks so familiar to you", when you click the link, it says that you have to login with your msn passport, which would result you sending your info to a phiser.

what made me wonder, if other person is infected, then how comes it always comes from contacts that are not even online ?
does anybody know anything at all about it ? i had some strange virus in pc about week ago and it 'attacked' my msn (i posted about it into AV hall of shame).
so does it mean it is actually me infected and my msn keeps sending those links to me ? i only got it from 2 persons. both were offline and not even in my contact list. also the second time i got this spam, it came from one of the same persons.

obviously whatever does this, does not have your/my msn password, otherwise they would not bother to write fake logins and phis like this. i also changed my passwords after i got rid of this strange virus (or whatever it was that attacked my msnmsgr.exe).


Top
 Profile  
 
 
 Post subject: Re: MSN phising spam - how does it work ?! whos infected ?
PostPosted: 02 Sep 2009 19:50 

Joined: 16 Aug 2007 06:25
Posts: 367
Whenever I suspect I have become infected with something, even the slightest paranoia, I will just reinstall the operating system. Some may consider it overkill, but you never know what the virus was programmed to do. Better safe than sorry.

I would try this, and see if you continue to get the problem after re-installing. If you still do, maybe your friends have a virus, and they are still able to contact you for whatever reason (msn glitch?), and the virus is pretending to be them through their infected computer. In the past, a lot of contacts on my AIM buddy list would message me with malicious links because they had a virus. This could be similar.

Or maybe there is some bug within MSN software that allows outsiders to see your contacts, previous contacts, etc... and pretend to be them. Highly unlikely.. just another guess though.


Top
 Profile  
 
 Post subject: Re: MSN phising spam - how does it work ?! whos infected ?
PostPosted: 02 Sep 2009 23:47 

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
a msn client which is not in your contact list can talk with you, I guess it's the default setting.
but should exist a privacy option which allows to block any client which is not in your contact list (I talk in general, I have never used msn).


Top
 Profile  
 
 Post subject: Re: MSN phising spam - how does it work ?! whos infected ?
PostPosted: 03 Sep 2009 04:21 

Joined: 08 Jun 2008 07:17
Posts: 92
If you are using the 2009 msn live you can go into


Tools/options/Privacy and check the "Only people on my allow list can see my status and send me messages"

and then you edit the little box under it.

And your getting messages like this?

"Hi, I can't see you doing this! (happyface)
(link)to something like www.msn.buddy.com/(youremail)/blah/blah/php%20"

Most of them use top of the line 0day(0day might be the wrong word i'm talking about a script like this http://www.milw0rm.com/exploits/9137 <-- which is patched ) scripts so if you click it and it brings you to a dead page you in most cases where hit by a drive by download, so now your infect then your msn sends out those same messages to all your friends. I think it is a massive botnet this worm thing.


Top
 Profile  
 
 Post subject: Re: MSN phising spam - how does it work ?! whos infected ?
PostPosted: 03 Sep 2009 19:05 

Joined: 24 Sep 2007 02:12
Posts: 1114
Location: http://sethioz.co.uk
oh no no no guys. big NO to all of you :)

SomaFM, for you to know. i have my whole HDD encrypted and reinstalling OS would impact with truecrypt's bootloader and i have no idea what kind of effect it would have. also my OS is highly customized and it takes me whole week at least to get it back..like winamp hotkeys, all installed applications (and i dont even have half of them so i cant install them anymore).

Luigi, ofcourse its possible to block them, but i only said that they are not in my contact list, i deleted them, but did not block. i delete ppl who doesn't talk to me in long time, but if there is no reason to block, then i wont, i just delete and remove from list.

No i do not use that gay new version, its the most retarded msn i have ever seen and it can be crashed with exploit.

i have my own custom 8.5 (removed sounds, ads, commercials, popups, nudge, sound clip buttons...etc). basically everything is removed exept smiles.


UPDATE:
yesterday i got one of those spam messages from one girl who was currently online.
i have doubts, because i have never got any of this from 'smart' ppl. for example like Luigi, who keeps his pc clean of shit, that includes my other friends who know a lot about computers. mostly i get such things from complete idiots (usually some girls who click everything they see). so this is why im quite sure that they are infected, not me.


Top
 Profile  
 
 Post subject: Re: MSN phising spam - how does it work ?! whos infected ?
PostPosted: 03 Sep 2009 19:57 

Joined: 16 Aug 2007 06:25
Posts: 367
Sethioz wrote:
SomaFM, for you to know. i have my whole HDD encrypted and reinstalling OS would impact with truecrypt's bootloader and i have no idea what kind of effect it would have. also my OS is highly customized and it takes me whole week at least to get it back..like winamp hotkeys, all installed applications (and i dont even have half of them so i cant install them anymore).


What are you gonna do if your hard drive dies? :P Those applications will be gone forever. You should make an image of the hard drive how you like it, then when you have problems/paranoia, just restore the image, and you don't have to deal with everything all over again. But do you really have applications that you can't install anymore? There has to be SOME alternative to a certain piece of software, or a place to download it. If not, alright...but hard drives don't last forever.


Top
 Profile  
 
 Post subject: Re: MSN phising spam - how does it work ?! whos infected ?
PostPosted: 03 Sep 2009 21:44 

Joined: 24 Sep 2007 02:12
Posts: 1114
Location: http://sethioz.co.uk
well if i have to, i will deal with it. my most important data like my bank info, passwords and accounts..etc are backed up on DVDs and in my server and also i have sent small truecrypt containers to my friends to keep. so i will always have my most important data, no matter what, but it is extremely annoying to reinstall everything, including all my custom settings..ugh.

as about image, unfortunetly i don't have any place where i could put the backup image.
after all when HDD dies, it will not be the disk itself, i would buy another identical model and would swap the broken parts (like laser/s or whatever dies).
i think that if HDD is near the edge, it will start giving you write/read errors long before it totally dies on you (disk itself, not motors or lasers, if its even possible that disk dies like this).
however i can always access my HDD externally without booting into it, truecrypt allows me to open it as container too, but if something messes up, it is very, very annoying to get everything back up and running.

im not very concerned, because as i said, so far i have not recieved such spam from any of the 'trusted' ppl. mainly i get it from girls or just some stupid ppl who knows nothing about computers.


Top
 Profile  
 
Display posts from previous:  Sort by  
Forum locked This topic is locked, you cannot edit posts or make further replies.  [ 7 posts ] 

All times are UTC [ DST ]


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
cron