[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Email based attack on University

On 2019-10-02, Torben Schou Jensen <tsj@swampthing.dk> wrote:
> Interesting story.
> I am missing technical details.
> I do not understand how preview of e-mail can result in hackers stealing
> userid and password, what kind of mail program was used?

Yeah, it's better to go directly to the publicly available incident report:


But the email program used by Client 0 is unspecified.

The original spearphishing email (which is assumed to have contained
some sort of self-executable code) was deleted (too late!) and proved

Subsequent spearphishing emails, however, used Word attachments as a
vector (Appendix A, B, and C of the report). I also note a zip file
attachment in the Appendix.

"There are no foreign lands. It is the traveler only who is foreign."
-- Robert Louis Stevenson

Reply to: