Boston Linux & Unix (BLU) Home | Calendar | Mail Lists | List Archives | Desktop SIG | Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings
Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU

BLU Discuss list archive


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Frackin script kiddies!!



On Fri, Aug 06, 2010 at 02:27:53PM -0400, Richard Pieri wrote:
> On Aug 6, 2010, at 12:46 PM, Derek Martin wrote:
> > 
> > It's still not a MITM, because even if you consider the game client
> > the end point, then it's the endpoint itself that's been compromised.
> > What you have is a trojan, plain and simple.
> 
> This is true for key logger attacks.  This new type of exploit inserts itself into the host system as a network proxy.  It listens to connection requests from the client and passes them either to the real Blizzard servers or fakes -- I'm not precisely sure which it does, or if it does both depending on some hidden switch somewhere.
> 
> To address Bill's point about frequency: it's that the black hats are using more and more sophisticated attacks.  Today it is Warcraft accounts -- which, silly as it may sound on the face of it, are worth a lot of real-world money.  Tomorrow it will be something more immediate, perhaps Citi or Bank of America.
> 

Also, we should note that the original post from David indicated
that he was accessing his systems remotely. There's a non-zero
chance that potentially hostile invisible proxies are lurking on
any given open WiFi, hotel network, or net cafe. 

-dsr-






BLU is a member of BostonUserGroups
BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Valid HTML 4.01! Valid CSS!



Boston Linux & Unix / webmaster@blu.org