Spyware Sucks
“There is no magic fairy dust protecting Macs" – Dai Zovi, author of “The Mac Hacker’s Handbook"

Fake Squirrel Mail emails

May 23rd 2013 in Uncategorized



Text of email:

Dear E-Mail User
Due to the package compromise of 1.4.11,1.4.12 and 1.4.13, we are forced to release 1.4.15 to ensure no confusions. While initial review didn’t uncover a need for concern, several proof of concepts show that the package alterations introduce a high risk security issue, allowing remote inclusion of files. These changes would allow a remote user the ability to execute exploit code on a victim machine, without any user interaction on the victim’s server. This could grant the attacker the ability to deploy further code on the victim’s server.
So upgrade to  Squirrel Mail Development Team by  click Squirrel Mail Login SquirrelMail 1.4.15 Released
We STRONGLY advise all users of 1.4.11, 1.4.12 and 1.4.13 upgrade immediately.

The page, when I looked at it anyway, didn’t contain any exploits. It’s a simple email address/password harvest (of course very valuable to spammers).  Of course, you should still stay away from the page. It’s behavior could change at any moment (or even change depending on your IP address, or browser used, or time of date or who knows what…)

Comments are closed.

Note, laughing at this does not indicate support for, or approval of, the act of punching a cat in the face (or any animal, or human, for that matter)

Previous Entry

Malvertizing hasn’t gone away – it’s just not in the press as often… keep an eye out for these latest domains, and please treat with extreme caution.   fxpromocode.com turiserv.com (sharing IP with findsovil.com, humeserv.com, orgitom.com, petohost.com, tovohost.com, vodistat.com) doxastat.com (previously at, shared IP with turiserv.com etc) flemboyant.com (Registrar: […]

Next Entry