b*****d 发帖数: 61690 | 1 【 以下文字转载自 USANews 讨论区 】
发信人: brihand (brihand), 信区: USANews
标 题: 拉里团队智商堪忧:一个typo引起的hacking
发信站: BBS 未名空间站 (Tue Dec 13 16:15:58 2016, 美东)
The hack and eventual release of a decade’s worth of Clinton campaign head
John Podesta’s emails may have been caused by a typo, reports the New York
Times.
On March 22, Podesta received an email purportedly from Google saying
hackers had tried to infiltrate his Gmail account. When an aide emailed the
campaign’s IT staff to ask if the notice was real, Charles Delavan, replied
that the email was “a legitimate email" and that Podesta should “change
his password immediately.”
The email was not legitimate. It was a phishing email that ultimately
revealed Podesta’s password to hackers. Soon after, WikiLeaks began
releasing 10 years of Podesta’s emails.
Delavan told the Times he had intended to type ‘illegitimate,” a typo he
still has not forgiven himself for making.
Instead of telling the aide that the email was a threat and that a good
response to the threat would be to change his password on Google’s real
website, he had inadvertently told the aide to click on the fraudulent
email and give the attackers access to the account.
In late October the firm SecureWorks identified a Bit.ly account and
Wikileaks-released email that appeared to have been used to attack Podesta’
s account.
The Bit.ly service shortens web addresses, which can make them easier to
share – and less likely to set off malicious website alarms. SecureWorks
found a Bit.ly account being used by hackers containing links to a spate of
phishing sites with victim information encoded in the web address.
SecureWorks soon found the email, and Delavan’s response, in the Wikileaks
archive.
The Podesta leaks dominated the news cycle towards the end of the campaign,
and included then-CNN contributor Donna Brazile giving the Clinton camp
advance warning of questions Clinton would be asked during primary debates.
Brazile is now acting chair of the Democratic National Committee. |
w*p 发帖数: 16484 | 2 看着像是在给自己找台阶下啊。
an illegitimate email要漏掉3个字母才变成a legitimate email |
t*Q 发帖数: 7840 | 3 问题是找错台阶了。
【在 w*p 的大作中提到】 : 看着像是在给自己找台阶下啊。 : an illegitimate email要漏掉3个字母才变成a legitimate email
|
D***s 发帖数: 5613 | 4 嗯,如果是typo用不着告诉他要改密码。这种phishing email直接不理就行了。
【在 t*Q 的大作中提到】 : 问题是找错台阶了。
|
w*****g 发帖数: 16352 | 5 就是,这种屁事还要问lT拿主意,左逼文科生智商堪忧。
★ 发自iPhone App: ChineseWeb 13
★ 发自iPhone App: ChineseWeb 13
【在 D***s 的大作中提到】 : 嗯,如果是typo用不着告诉他要改密码。这种phishing email直接不理就行了。
|
i****a 发帖数: 36252 | 6 正常 IT 锁男会说 fake email. 谁会写illegitimate
【在 D***s 的大作中提到】 : 嗯,如果是typo用不着告诉他要改密码。这种phishing email直接不理就行了。
|
a***e 发帖数: 27968 | 7 和文科生混久了就这样了
★ 发自iPhone App: ChineseWeb 13
【在 i****a 的大作中提到】 : 正常 IT 锁男会说 fake email. 谁会写illegitimate
|
i****a 发帖数: 36252 | 8 看来真可能是英文系出来的
【在 a***e 的大作中提到】 : 和文科生混久了就这样了 : : ★ 发自iPhone App: ChineseWeb 13
|
|
l***y 发帖数: 4671 | 9 要是typo会有个 an,可见不是写错了。
【在 i****a 的大作中提到】 : 看来真可能是英文系出来的
|
p*****h 发帖数: 1369 | 10 一个字,phishing就打发了
【在 i****a 的大作中提到】 : 正常 IT 锁男会说 fake email. 谁会写illegitimate
|