[Full-Disclosure] Any news on www.kievonline.org site?
matthias.andree at gmx.de
Tue Oct 14 14:07:33 BST 2003
On Tue, 14 Oct 2003, Steve Wray wrote:
> today I found a really wierd email in my inbox,
> which got me curious about this kievonline.org
> that this guy is screaming about (I had never heard of
> it before. I may be an 'infidel' not being moslem
> but they guy has my skintone and drinking habits all wrong!)
Yup, I've got two mails from that admin at kievonline.org From: address.
One sent from someone masquerading as Moshe Koldny, with a "vba3221.jpg"
attached (a black-haired smiling young woman), advertising for a forum,
and one mail that looked exactly like the one Steve quoted.
(Steve, please put your quotation ABOVE your own text, many people
ignore the junk quotation format of Outlook (Express), I almost missed
The forum advertise email was injected at 220.127.116.11 and received by
"my" MX at Monday 2003-10-13 23:09:08 UTC, the offensive "fuck with the
right person" mail was injected at dhcp0877.hil.resnet.group.upenn.edu
[18.104.22.168] and received at 06:46:52 UTC today, Tuesday
2003-10-14. That machine might run an open proxy or something - or be
the offender's machine, can't say.
> When I go to the site, it has a very sad look to it...
> Apparently it was taken down by 'infidels'.
For me, I'll translate it to "infidels" := "people who do not believe in
unfair competition, including email advertising" in the first place --
the period between these two spam mails might be the period where the
ISP or some hacker took the site off-line. Of course, it MIGHT have
religous background, but just as well it MIGHT NOT.
Encrypt your mail: my GnuPG key ID is 0x052E7D95
Full-Disclosure is hosted and sponsored by Secunia.