Comments

You Have 2 New Documents dropbox phishing — 5 Comments

  1. Universities in America seem to be a popular target. First they phish someones login/password, then they RDP onto the internet facing computer, in this case Windows 7 computer facilitiesMNGRPC.hmsc.oregonstate.edu, then start phish spamming. Either that or brute force SSH.
    I’ve given up reporting to the universities, they just get compromised a week later. I actually have a spam rule that says if the client host ends with .edu or .edu.ca, and the message body contains a Bank name/Dropbox/Paypal/Ebay/Amazon/Netflix/etc, then reject.

  2. Sloppy phisher left his source code here hxxp://www.pedraforte.net/js/index/klnkjfe/dropbox.zip
    submit.php contains email address results are being emailed to.

Leave a Reply

Your email address will not be published. Required fields are marked *