Spam email containing PHP script targeting whois contacts February 19, 2007
Posted by Geir in Security, whois.trackback
ISC is reporting a spam that may have been sent to WHOIS contacts containing a PHP script that the user is asked to upload to his/her servers. The spam claims to contain a security update and the end user is asked to upload a PHP script into their web root. To me this is a new tactic requiring the user to actually upload a payload onto their servers, i wonder how successful this vector was.
Possibly due to the enhanced protection of the .NAME privacy protected WHOIS we have not had any reports of this spam being targeted at .name users.
–geir
[...] Spam email containing PHP script targeting whois contacts « dotnameISC is reporting a spam that may have been sent to WHOIS contacts containing a PHP script that the user is asked to upload to his/her servers. The spam claims to contain a security [...]