I wouldn't say specifically 'AOL', but there are a LOT of double-dot trojans being emailed around. Not just AOL, but apparently a lot of email clients do not display and a lot of idiotic users don't look even if it did.
*sigh* Fab Siciliano wrote: > > -----Original Message----- > From: Fab Siciliano [mailto:[EMAIL PROTECTED]] > Sent: Tuesday, February 12, 2002 11:36 AM > To: 'william taylor' > Subject: RE: aol IM "sniffer"? > > Well...favorites aren't sent across anywhere unless you actually want > them to. > > Many AOL users' systems are compromised. He probably downloaded a > malicious file, with an extension of something.jpg(lots of spaces).exe. > AOL likes to hide file extensions. > > Something like Sub7 will just flat out record EVERYTHING. > > You can protect yourself by getting some AV software. It usually picks > up those kinds of things. > > ./fab > > -----Original Message----- > From: william taylor [mailto:[EMAIL PROTECTED]] > Sent: Monday, February 11, 2002 1:16 PM > To: [EMAIL PROTECTED] > Subject: aol IM "sniffer"? > > I had a friend who uses AOL. he told me that someone he knew had bugged > his > AOL account so that his IMs were logged, his sites visited was logged, > and > all of his settings (favorites, buddy list, etc.) had been recorded. i > know > that this is done by cracking and is probably some juvenile prank, but > how > could i protect myself against someone doing that? i.e. is it a packet > sniffer sniffing packets coming out of a specific ip address with > specific > headers, or is it some sort of spoofer that asks AOL for that > information? > and if so, how could i prevent an attack like that from succeeding? > > charles > > _________________________________________________________________ > Chat with friends online, try MSN Messenger: http://messenger.msn.com -- James W. Meritt CISSP, CISA Booz | Allen | Hamilton phone: (410) 684-6566
