1. Home
  2. Electronics Design
  3. OT: What sort of ignoramus...

OT: What sort of ignoramus...

What sort of ignoramus thinks they can snag me with E-mails with zipfile attachments with *.js contents?

Sheeeeesh!

Dumbest of the dumb.

(It's not just a robot, the asshole is going to my website and using the mailer... which captures his IP address ;-) ...Jim Thompson

-- | James E.Thompson | mens | | Analog Innovations | et | | Analog/Mixed-Signal ASIC's and Discrete Systems | manus | | San Tan Valley, AZ 85142 Skype: skypeanalog | | | Voice:(480)460-2350 Fax: Available upon request | Brass Rat | | E-mail Icon at

formatting link
| 1962 | I love to cook with wine. Sometimes I even put it in the food.

Reply to
Jim Thompson
Loading thread data ...

Trying to break and exploit the mailer me thinks.

Have a friendly word with your firewall and patching strategist.

--
Adrian C
Reply to
Adrian Caspersz

On Tue, 1 Mar 2016 17:57:58 +0000, Adrian Caspersz Gave us:

If some lame f*ck was trying to hack him, his reported IP address would NOT point back to him, idiots.

Reply to
DecadentLinuxUserNumeroUno

I don't that is it... the same individual is sending the same *.js crap from multiple origination points as well.

My guess is it's some clown on this group whose narcissistic ego I have annoyed >:-}

But too dumb to fathom that some of us allow NOTHING to auto-run. ...Jim Thompson

--
| James E.Thompson                                 |    mens     | 
| Analog Innovations                               |     et      | 
| Analog/Mixed-Signal ASIC's and Discrete Systems  |    manus    | 
| San Tan Valley, AZ 85142     Skype: skypeanalog  |             | 
| Voice:(480)460-2350  Fax: Available upon request |  Brass Rat  | 
| E-mail Icon at http://www.analog-innovations.com |    1962     | 
              
I love to cook with wine.     Sometimes I even put it in the food.
Reply to
Jim Thompson

Probably a botnet. That's common. You, and a lot of other people, are in for-sale-cheap lists of email addresses that spammers and scammers use.

I use a service to scrub my emails, and then local filters. Maybe one percent of phishing mails get as far as my trash folder.

--

John Larkin         Highland Technology, Inc 
picosecond timing   precision measurement  

jlarkin att highlandtechnology dott com 
http://www.highlandtechnology.com
Reply to
John Larkin

This appears to be another case where your mouth outran your brain. If some competent f*ck did it, their IP would be spoofed, a lame f*ck wouldn't bother or maybe even know how.

And I am sure you knew that.

Reply to
jurb6006

What kind of f***ed up email program would let anything autorun out of an email ? I smell Microsoft.

Reply to
jurb6006

It's a bot trying mailer forms on other servers. Have a look at the mail headers, you might identify the owners of them.

It's not an attack on your own PC.

--
Adrian C
Reply to
Adrian Caspersz

At one time IE would run attachments that were just in inbox... they didn't even have to be viewed.

--

John Larkin         Highland Technology, Inc 
picosecond timing   precision measurement  

jlarkin att highlandtechnology dott com 
http://www.highlandtechnology.com
Reply to
John Larkin

When you attach a zipfile with a *.js script inside it, you're attempting to trash someone's PC.

Right now I have my filtering set up to retain body but "wipe" attachment.

I'll stop that and post the next *.js script and let someone interpret it for me. ...Jim Thompson

--
| James E.Thompson                                 |    mens     | 
| Analog Innovations                               |     et      | 
| Analog/Mixed-Signal ASIC's and Discrete Systems  |    manus    | 
| San Tan Valley, AZ 85142     Skype: skypeanalog  |             | 
| Voice:(480)460-2350  Fax: Available upon request |  Brass Rat  | 
| E-mail Icon at http://www.analog-innovations.com |    1962     | 
              
I love to cook with wine.     Sometimes I even put it in the food.
Reply to
Jim Thompson

Beats the hell out of me, I've used MS OE for over a decade (check my headers, all the way back to 2001!) and never had anything auto-run.

Tim

--
Seven Transistor Labs, LLC 
Electrical Engineering Consultation and Contract Design 
Website: http://seventransistorlabs.com
Reply to
Tim Williams

You _can_ let zip attachments auto-extract.

I don't. I've used Eudora since DOS-days... excellent filtering capabilities.

The only Microsoft on this machine is Win7 and Solitaire ;-)

Outhouse Excuse is specifically forbidden ;-) ...Jim Thompson

--
| James E.Thompson                                 |    mens     | 
| Analog Innovations                               |     et      | 
| Analog/Mixed-Signal ASIC's and Discrete Systems  |    manus    | 
| San Tan Valley, AZ 85142     Skype: skypeanalog  |             | 
| Voice:(480)460-2350  Fax: Available upon request |  Brass Rat  | 
| E-mail Icon at http://www.analog-innovations.com |    1962     | 
              
I love to cook with wine.     Sometimes I even put it in the food.
Reply to
Jim Thompson

Not always.

An issue is buffer overrun and code execution through the mailer on servers that elevates permissions for persons unknown, which is why I'm suggesting checking patching.

Keep .js blocked on your PC anyway, no need to send the example!

--
Adrian C
Reply to
Adrian Caspersz

I'm just curious what the script tries to do (I don't speak anything much more complicated than RegEx ;-) ...Jim Thompson

--
| James E.Thompson                                 |    mens     | 
| Analog Innovations                               |     et      | 
| Analog/Mixed-Signal ASIC's and Discrete Systems  |    manus    | 
| San Tan Valley, AZ 85142     Skype: skypeanalog  |             | 
| Voice:(480)460-2350  Fax: Available upon request |  Brass Rat  | 
| E-mail Icon at http://www.analog-innovations.com |    1962     | 
              
I love to cook with wine.     Sometimes I even put it in the food.
Reply to
Jim Thompson

Actually thinking about this, I call BS on myself.

It's probably more likely this type of file would be targeting your machine. *.js files don't normally have a natural execution environment on a web server.

That's normally some other server scripted language like PHP.

formatting link

Sorry, part of me head is obviously faulty today. Seeing things that aren't there.

--
Adrian C
Reply to
Adrian Caspersz

Just return the favor...

Reply to
Robert Baer

On Tue, 01 Mar 2016 21:06:45 -0800, Robert Baer Gave us:

Not smart.

Not mature.

Pretty sure not legal. The word 'knowingly' comes to mind.

Reply to
DecadentLinuxUserNumeroUno

The latest has been copied to this location...

Maybe a JS expert can decipher what the hacker is trying to do.

Thanks! ...Jim Thompson

--
| James E.Thompson                                 |    mens     | 
| Analog Innovations                               |     et      | 
| Analog/Mixed-Signal ASIC's and Discrete Systems  |    manus    | 
| San Tan Valley, AZ 85142     Skype: skypeanalog  |             | 
| Voice:(480)460-2350  Fax: Available upon request |  Brass Rat  | 
| E-mail Icon at http://www.analog-innovations.com |    1962     | 
              
I love to cook with wine.     Sometimes I even put it in the food.
Reply to
Jim Thompson

Well, it seems to have a bunch of strings encrypted as decimal numbers. I didn't dig further than that.

Jon

Reply to
Jon Elson

I'm sure it's malicious. ...Jim Thompson

-- | James E.Thompson | mens | | Analog Innovations | et | | Analog/Mixed-Signal ASIC's and Discrete Systems | manus | | San Tan Valley, AZ 85142 Skype: skypeanalog | | | Voice:(480)460-2350 Fax: Available upon request | Brass Rat | | E-mail Icon at

formatting link
| 1962 | I love to cook with wine. Sometimes I even put it in the food.

Reply to
Jim Thompson

ElectronDepot website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.