A weird macro virus story
Damien Miller
djm at mindrot.org
Fri Jun 23 22:25:36 EDT 2006
John Kelsey wrote:
> Guys,
>
> Some of my co-workers here at NIST got an email macro virus which
> appeared to be targeted to cryptographers. It appeared to be
> addressed to Moti Yung, and come from Lawrie Brown and Henri Gilbert
> (though that name was misspelled, maybe a transcription error from an
> alternate character set). Did any of you notice something like this?
> The email appeared to be addressed to several submission addresses for
> various crypto conferences.
How do you know it was targeted and not just following the common email
virus/worm propagation behaviour of mining email contact lists and
mailboxes on victims' machines? Typically these malware forge both
sender and recipient addresses, and if both happen to be mined from
(say) a mailbox containing an archive of the cryptography at metzdowd.com
mailing list then the recipient will likely recognise the sender's name.
-d
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list