Re: [Full-disclosure] Re: RSA HAVE CRACKED PHISHING, NO SERIOUSLY

[n3td3v]

Well, Chris, it looks to me by the RSA publishing this information that they are encouraging anyone with a botnet to send thousands of bogus queries to a web form, which would crash a mail server or database, which belonged to a company, that the phishers had previously hacked and the company was previously unaware was being used in a phishing attempt. So now it seems the RSA are sending out information about their activities, which could infulence scriptkids/ hackers etc who own large bot nets to attack anything they see as a "phish". Although, just by individuals of the public sending a single query per user to a phish login form, could cause the same affect as a malicious users bot network.

On 4/1/06, Chris Umphress <[EMAIL PROTECTED]> wrote:

On 3/31/06, n3td3v <[EMAIL PROTECTED]> wrote:
> With this in mind, are the RSA say its OK to DDoS fake login pages that the
> public think are phishing sites with fake information to take the phishing
> sites down? Or maybe the RSA didn't think too far into it before making
> their "illegal tactics" public. I guess nobody in the industry learned from
> makelovenotspam.com and the whole Lycos affair.
>
> On 3/31/06, n3td3v <[EMAIL PROTECTED]> wrote:
> >
> > But do you remmeber back to the Make love not spam saga? Yeah, the big

So.... why repeat yourself 15 minutes later? And personally, I like
the fate that one spammer in Russia met a few months ago....

--
Chris Umphress <http://daga.dyndns.org/ >

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/