Comments: Internet 'Phishing' Scams Getting More Devious

Hello iang,

I have a full copy of what you are describing here. We snagged it from a client right after they rootkit'd one of our servers with it internally from a hosting account.

Its got an installer and a readme even...

fun stuff... we had to write counteractive scripts to unwind the mess across a couple hundred http sites not to mention the wreck it made out of the root files.

This one spawned from windows but now can work over linux via openssh or sendmail etc.

Posted by KKKK at January 21, 2005 08:40 AM
Post a comment









Remember personal info?






Hit Preview to see your comment.
MT::App::Comments=HASH(0x5560f7ffc040) Subroutine MT::Blog::SUPER::site_url redefined at /home/iang/www/fc/cgi-bin/mt/lib/MT/Object.pm line 125.