Hi All,
There was an email that was sent to this mailing list the other day,
https://lists.freedesktop.org/archives/libreoffice/2018-May/080137.html
I did not see anyone commenting on this, therefore here we go.
It was some malware campaign, trying to get any recipients to click their link.
The email was asking users to click a link to "verify" some account information.
That link though was hosted on a website called silkenwindhounds.org
which has to do with some breed of dogs. Apparently, that website was
compromised.
The problem is that the scripts on that website are still active and
if anyone clicks on the link,
they are redirected through links to other websites that probably try
to exploit web browser bugs.
Is anyone dealing with this?
You need to contact http://www.silkenwindhounds.org/ that the
following two scripts are malware:
/content/late-code/index.php
/cgi-sys/suspendedpage.cgi (clever trick that does redirection, if
they are happy that the HTTP request is from an actual browser.
Otherwise, it just pretends that the website is suspended in order not
to draw suspicion).
Simos
Context
- Malware from email with title "Security alert: Verify your libreoffice -AT- lists.freedesktop.org" · Simos Xenitellis
Privacy Policy |
Impressum (Legal Info) |
Copyright information: Unless otherwise specified, all text and images
on this website are licensed under the
Creative Commons Attribution-Share Alike 3.0 License.
This does not include the source code of LibreOffice, which is
licensed under the Mozilla Public License (
MPLv2).
"LibreOffice" and "The Document Foundation" are
registered trademarks of their corresponding registered owners or are
in actual use as trademarks in one or more countries. Their respective
logos and icons are also subject to international copyright laws. Use
thereof is explained in our
trademark policy.