To report a botnet PRIVATELY please email: [EMAIL PROTECTED]
----------
On Sat, 23 Dec 2006, Gadi Evron wrote:
> In this post ( http://www.phenoelit.net/lablog/Irresponsible.sl ), FX
> describes a drop zone for a phishing/banking trojan horse, and how he
> got to it.
> 
> Go FX. I will refrain from commenting on the report he describes from
> secure works, which I guess is a comment on its own.

Secure Science, typo on my end.

> 
> We had the same thing happen twice before in 2006 (that is worth
> mentioning or can be, in public).
> 
> Once with a very large "security intelligence" company giving drop zone
> data in a marketing attempt to get more bank clients ("hey buddy, why are
> 400 banks surfing to our drop zone?!?!")
> 
> Twice with a guy at defcon showing a live drop zone, and the data
> analysis for it, asking for it to be taken down (it wasn't until a week
> later during the same lecture at the first ISOI workshop hosted by
> Cisco). In this guy's defense though, he was sharing information. In a
> time where nearly no one was aware of drop zones even though they have
> been happening for years, he shared data which was valuable commercially,
> openly, and allowed others to clue up on the threats.
> 
> Did anyone ever consider this is an intelligence source, and take down
> not being exactly the smartest move?
> 
> It's enough that the good guys all fight over the same information, and
> even the most experienced security professionals make mistakes that cost
> in millions of USD daily, but publishing drop zone IPs publicly? That can
> only result in a lost intelligence source and the next one being, say,
> not so available.
> 
> I believe in public information and the harm of over-secrecy, I am however
> a very strong believer that some things are secrets for a reason. What
> can we expect though, when the security industry is 3 years behind and we
> in the industry are all a bunch of self-taught amateurs having fun with
> our latest discoveries.
> 
> At least we have responsible folks like FX around to take care of things
> when others screw up.
> 
> I got tired of being the bad guy calling "the king is naked", at least in
> this case we can blame FX. :)
> 
> It's an intelligence war, people, and it is high time we got our act
> together.
> 
> I will raise this subject at the next ISOI workshop hosted by Microsoft
> ( http://isotf.org/isoi2.html ) and see what bright ideas we come up with.
> 
>         Gadi.
> 
> _______________________________________________
> phishing mailing list
> [email protected]
> http://www.whitestar.linuxbox.org/mailman/listinfo/phishing
> 

_______________________________________________
All list and server information are public and available to law enforcement 
upon request.
http://www.whitestar.linuxbox.org/mailman/listinfo/botnets
