Θέλω τη Συμβουλή σας

Συζητήσεις και νέα σχετικά με την ασφάλεια των υπολογιστών και των virus που τους προσβάλουν...

Συντονιστές: Super-Moderators, Software & Hardware Moderators

Απάντηση
patmanx
Δημοσιεύσεις: 3
Εγγραφή: 04 Απρ 2002 03:00
Τοποθεσία: Athens
Επικοινωνία:

Θέλω τη Συμβουλή σας

Δημοσίευση από patmanx » 29 Ιαν 2004 15:42

Ελαβα μέσω e-mail (από κάποιο newsgroup στο οποίο συμμετέχω), το παρακάτω κείμενο

Είναι δυνατόν να γίνει κάτι τέτοιο? Ευχαριστώ εκ των προτέρων

I just received the following

proceed at your own risk

HOW TO HACK INTO PAYPAL ACCOUNTS WITH CONFIRMED ADDRESSES!!!


WARNING:

1) The following complete hacking tutorial contains materials that may not be suitable for irresponsible internet users, reader discretion is advised!

2) The hacking method is based on a secretly discovered security flaw in the PayPal (www.paypal.com) mailing address confirmation system. It will only work BEFORE PayPal discovers this serious security flaw and fixes it. Take your action FAST!

3) This method works only works for hackers with PayPal accounts with CONFIRMED MAILING ADDRESSES. It will never work for PayPal user without a confirmed mailing address.

4) By strictly following instructions in the following tutorial, you’ll gain unlimited access to various PayPal accounts with confirmed mailing addresses. Use those accounts AT YOUR OWN RISK. You’re responsible for your action!

5) When you use PayPal, NEVER log on to sites that do not start EXACTLY with www.paypal.com even if it contains the term "paypal" in it.


COMPLETE TUTORIAL ON HACKING INTO PAYPAL ACCOUNTS:

Since its birth in 1998, eBay owned company PayPal (www.paypal.com) has become a hugely popular internet banking company, as the brand-new idea of sending money to anyone in the world through Email has won hearts of millions of internet users worldwide, the number of members of PayPal has been skyrocketing since. PayPal is now by far the most successful internet banking company.

However, insecurity on the internet has been a great problem since the beginning of the boom of the dotcom economy; all famous computers companies have been victims of hackers from around the globe due to security flaws in its system . Microsoft is recent victim of the W32.Blaster.Worm virus which has been identified that could allow an attacker to compromise a computer running Microsoft Windows and gain control over it. Microsoft took immediate action after the spread of the virus, however, a considerable amount of computers worldwide have been victimized and the Blaster Worm is still at large. More information on this security flaw in the Microsoft Windows and the nature of the virus can be found at: http://www.symantec.com/avcenter/venc/d ... .worm.html

Like Microsoft, PayPal is the latest victim of internet hackers. Despite the company’s seemingly perfect security system, a serious security flaw in the ADDRESS CONFIRMATION PROCESS of PayPal’s members’ accounts has been discovered by a few experienced hackers from Russia. The hacking process has been simplified a while ago and it was revealed on a Russian language hacking website.

PayPal was immediately alerted of this security flaw after the Russian language hacking tutorial was published on the website, but in order to prevent its customers from losing trust in internet banking, PayPal chose NOT to alert its customers of this security flaw and has then secretly BANNED numerous online articles that contained information of this security flaw.

However, it has been confirmed that due to technical difficulty, PayPal has NOT yet fixed the problem and at this moment right now, anyone can STILL hack into a great number of PayPal accounts with confirmed addresses.

To inform users worldwide of this problem, I’ve attached an English version of the hacking process. Remember, to get the whole thing to work, you MUST STRICTLY follow the instructions and have a PayPal account with a confirmed mailing address!


HACKING PROCESS:

Every PayPal member is identified by his/her Email and the majority of the PayPal members use Yahoo or Hotmail. After completion of the mailing address confirmation process, usually by adding a CREDIT CARD, PayPal automatically sends the user’s address confirmation info to a mailerbot associated with the user’s Email, in most cases, it’s either a Yahoo mailerbot or Hotmail mailerbot.

The security flaw occurs RIGHT HERE! Both Yahoo and Hotmail mailerbots can be confused by a random user and sends out information saved on its server to that user. To get PayPal account information of numerous random PayPal users from a Yahoo or Hotmail mailerbot, you have to do the following:

1) Log into your www.paypal.com homepage, and click on "Profile", and then click on "Street Address" under "Account Information".

2) Find the Address whose status is "Home", and if it says "confirmed", then please read on.

Basically, A Confirmed Address is any address at which you receive your credit card statement. If you receive a credit card bill at this address, you can confirm it by entering your credit card information. This information will only be used to confirm your address. Your card will not be charged by PayPal.

So, if your Home address is NOT confirmed, then FOLLOW THE INSTRUCTIONS ON PAYPAL AND ADD A CREDIT CARD TO CONFIRM YOUR MAILING ADDRESS.

3) Now, Check if your PayPal Email is a Yahoo or a Hotmail Email. If it is, please read on. If it is not, create either a yahoo or hotmail Email and log on to www.paypal.com, go to Profiles and then Email, and make it your PRIMARY Email, i.e. the one through which you log on to PayPal and receive Emails from paypal.

4) Okay, now your primary Email is either a Yahoo Email or a Hotmail email, right?

I. If it’s a Yahoo email, then:

Log in to that email account at http://mail.yahoo.com and send an Email to:

pay_pal_server4544@yahoo.com (This is the Yahoo mailerbot described above)

In the subject line, write: 0yah3534paypal78verif-0e24 (To confuse the Yahoo mailerbot)

In the email body, please write exactly 12 lines, which MUST BE as follows:

In line 1: Content-Type: text/plain;

In line 2: charset=us-ascii (To make the reply readable)

In line 3: address000%%confirmation0e24.yahoo.com (To confuse the mailerbot)

In line 4: p38ylec00rm::s%%http://www.paypal.com%% (To make the mailerbot start retrieving information acquired from PayPal.)

In line 5: Your primary email at paypal (To retrieve information from PayPal, The mailerbot now needs an Email which is the primary Email of a PayPal account with a confirmed mailing address, you have to use your own Email as a bait Email and you’ll need to receive info of other accounts from this Email too, so be sure this is your primary Email at PayPal.)

In line 6: start (retrieve > 0) (To activate the mailerbot’s retrieval function)

In line 7: verified (*value= = float) (To continue the mailerbot’s retrieval function)

In line 8: Your PayPal password (Now you have to enter your paypal password, as the yahoo mailerbot was programmed in a way that it sends testing info to PayPal who’ll verify each account’s password and confirm it with the Yahoo mailerbot. So in line 8, you have to enter your valid/correct password of your PayPal account.)

In line 9: #searchmsgend72hr (To search for info of PayPal members who had their addresses confirmed in the last 72 hours)

In line 10: Your yahoo email password (By entering the password of your email. The yahoo mailerbot will assume this is a command from the administrator and will send out information to the "administrator" who is actually you.)

In line 11: send&&idR20034-tsa-0583 (This will make the mailerbot send all the info to your email)

In line 12: #endofmsg (Last step!)

Note: Please STRICTLY follow the instruction above and you’ll be guaranteed to get an automatic reply from the confused Yahoo mailerbot! Then you’ll have email, password and all sorts of information of PayPal users who had their mailing addresses confirmed over the last 72 hours.


II. If your primary PayPal account is a hotmail account, then:

Log into http://www.hotmail.com and send an Email to:

pay_pal_server4544@hotmail.com (This is the hotmail mailerbot that deals with PayPal hotmail registration)

The hotmail mailerbot was programmed in a very similar way to the yahoo one, however, they’re NOT the same. So you have to strictly follow the instructions below to get it to work.

In the subject line, write: 8hot34mail%%tqui3-paypal-35fe2 (This is how you confuse the Hotmail mailerbot)

In the email body, you have to write 14 lines which must be exactly the same as below:

In line 1: Content-Type: text/plain;

In line 2: charset=us-ascii (To make the reply readable)

In line 3: Lang-set%%eng (To set the language to English)

In line 4: server&&bot::www.paypal.com%%hotmail%%registry (To confuse the hotmail mailerbot.)

In line 5: p35sqelmms::s%%http://www.paypal.com%% (To make the mailerbot start retrieving information acquired from PayPal.)

In line 6: Your primary email at paypal (To retrieve information from PayPal, The hotmail mailerbot now needs an Email which is the primary Email of a PayPal account with a confirmed mailing address, you have to use your own hotmail Email as a bait Email and you’ll need to receive info of other accounts from this Email too, so be sure this is your primary Email at PayPal.)

In line 7: /start*a-z%%retrieval/ (To activate the mailerbot’s retrieval function)

In line 8: verified (*value= = float) (To continue the mailerbot’s retrieval function)

In line 9: Your PayPal password (Now you have to enter your paypal password, as the Hotmail mailerbot was programmed in a way that it sends testing info to PayPal who’ll verify each account’s password and confirm it with the Hotmail mailerbot. So now you have to enter your valid/correct password of your PayPal account.)

In line 10: #searchmsgend72hr (To search for info of PayPal members who had their addresses confirmed in the last 72 hours)

In line 11: #searchend (To finish the search on the server)

In line 12: Your Hotmail email password (By entering the password of your email. The Hotmail mailerbot will assume this is a command from the administrator and will send out information to the "administrator" who is actually you.)

In line 13: deliver&&return-path<*> (This will make the Hotmail mailerbot send all the info to your email)

In line 14: #endif (Last step)

Note: Please STRICTLY follow the instruction above and you&#8217;ll be guaranteed to get an automatic reply from the confused Hotmail mailerbot! Then you&#8217;ll have email, password and all sorts of information of PayPal users who had their mailing addresses confirmed over the last 72 hours.

REMINDER:

Above is the complete tutorial of hacking into PayPal accounts, and here is a reminder of the most important things mentioned above.

1) You must have either a Yahoo or Hotmail Email address as your PRIMARY PayPal Email.

2) You must have a confirmed mailing address in your own PayPal account to get the whole thing to work, otherwise neither the yahoo nor hotmail mailerbot will be confused by your code and hence the hacking will fail. You can confirm your mailing address by adding a CREDIT CARD on PayPal.

3) By strictly following the instructions in this tutorial, you&#8217;ll have unlimited access to various PayPal accounts, however, YOU MUST USE THEM AT YOUR OWN RISK! YOU MUST BE RESPONSIBLE FOR YOUR ACTIONS.

4) PayPal will be expected to fix this security flaw in their server very soon, so this ONLY works BEFORE they fix this flaw. TAKE YOUR ACTION FAST, IF YOU DECIDE TO DO IT.

5) For security issues, please remember that any site that does not start with www.paypal.com is NOT a real paypal website, please confirm your mailing address ONLY at www.paypal.com so that you can succeed in hacking.

Άβαταρ μέλους
hik-hok
Reporter
Δημοσιεύσεις: 3571
Εγγραφή: 09 Μαρ 2003 10:45
Τοποθεσία: Agrrrrrrrrrr...... γάβ γάβ!!
Επικοινωνία:

Θέλω τη Συμβουλή σας

Δημοσίευση από hik-hok » 29 Ιαν 2004 17:48

Αυτό το μήνυμα έχει σταλθεί σε πάρα πολλά forum , newsgroups κλπ κλπ με σκοπό όσοι προσπαθήσουν να κάνουν την "εξυπνάδα" να χάσουν τα δικά τους στοιχεία

Δείτε ΕΔΩ

Απάντηση

Επιστροφή στο “Security, antiVirus & antiSpyWare”

Μέλη σε σύνδεση

Μέλη σε αυτήν τη Δ. Συζήτηση: Δεν υπάρχουν εγγεγραμμένα μέλη και 0 επισκέπτες