[Tfug] Exploiting docs.google.com

erich erich1 at copper.net
Tue Jul 14 20:41:28 MST 2009


Yes,
         He ran to BestBuy to get a laptop with, (sigh), Vista installed 
after
his access provider discontinued service for him on the grounds that
his (old) notebook computer was infected with a worm, and that he must
remove it in order to have service restored. He has Qwest with an
access point. I don't knew if the wireless channel is encrypted.

         I warned him about it, and he has assured me that he has not 
electronically
copied anything from the old computer to the new.

         He says he never uses Outlook, and keeps his address books  on the
web mail interface with Yahoo.
        

                                                           Erich

        
earljviolet at deserthowler.com wrote:
> Am I right in assuming this person is using Windows?
>
> Earl
> On Mon, July 13, 2009 9:38 pm, erich wrote:
>   
>> OK,
>>          I have a acquaintance of mine who is frantic. He has a Yahoo
>> web mail account, and in the past week an agent apparently originating
>> from Yahoo has used his address book to send spam.
>>
>>          In it's most recent attack attempt, it sends a message with a
>> link
>> to a place in docs.google.com that displays this ad for some gambling
>> website. You click on the display ad and it attempts to download
>> a *.exe to your computer. In other words the attacker is using Google
>> to:
>>               1) Display a socially-engineered ad to lure someone.
>>
>>               2) Harbor a malicious *.exe to download.
>>
>>           Never mind Google. Can some agent within Yahoo grab your
>> e-mail address list for an exploit?
>>
>>                                                                   Erich
>>
>> _______________________________________________
>> Tucson Free Unix Group - tfug at tfug.org
>> Subscription Options:
>> http://www.tfug.org/mailman/listinfo/tfug_tfug.org
>>
>>     
>
>
>   





More information about the tfug mailing list