Re: Email based attack on University

Interesting story.

I am missing technical details.
I do not understand how a preview of an e-mail can result in hackers stealing
a userid and password. What kind of mail program was used?

It says
"The attack on ANU was possible because of the university's old computer

I prefer to use Debian Stable on my server, and expect the mail programs to be
safe to use - Exim, Dovecot and SquirrelMail.
I am not aware of a security case on Debian where it is possible via
e-mail preview to get the password of a user.


> On Wed, 2 Oct 2019, at 10:03, Keith Bainbridge wrote:
>> Details are at
>> https://www.abc.net.au/news/2019-10-02/anu-cyber-hack-how-personal-information-got-out/11550578
>> https://www.abc.net.au/news/2019-10-02/the-sophisticated-anu-hack-that-compromised-private-details/11566540
> It seems to me that everything follows from whatever access the initial
> 'unclicked email' malware gave to the hackers.
> But how can malware jump from an email that's not "clicked", into some
> part of the university's systems?
> Unless... the email was being viewed via a webmail system running on a
> server not owned by the university?
> Then... is this just malware of the sort that any website could deliver to
> any visitor?
> Even if it was, one might expect the viewer to have been using a desktop
> PC of some sort, with - surely - whatever anti-malware software the
> university deems appropriate for their PCs?
> Or... do all their staff use a mish-mash of personal devices, and those
> don't have to have any anti-malware apps on them?
> --
> Jeremy Nicoll - my opinions are my own.

Torben Schou Jensen
Swamp Thing
Homepage: http://swampthing.dk/~tsj/
Skype: swampthing38
