An Example Email of Someone Trying to Exploit the Confusion Caused by the Recent Heartbleed SSL vulnerability

Written by James McDonald

April 30, 2014

Just saw this in my inbox. An email saying I need to change my Logmein.com SSL cert and a link to ‘new’ cert.

Screenshot of the email:

logmein_ssl

If you Download the ssl.zip and unzip it you get a “logmein_ssl_certificate.pif: PE32 executable (GUI) Intel 80386, for MS Windows”

Fortunately before you get to download the zip file you get a nice big warning page from the Cloudfare CDN saying it’s a fishing site. So you would have to be stupid (or in my case curious) to continue.

cloud_flare

 

 

 

0 Comments

Submit a Comment

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

The reCAPTCHA verification period has expired. Please reload the page.

You May Also Like…

Squarespace Image Export

To gain continued access to your Squarespace website images after cancelling your subscription you have several...

MySQL 8.x GRANT ALL STATEMENT

-- CREATE CREATE USER 'tgnrestoreuser'@'localhost' IDENTIFIED BY 'AppleSauceLoveBird2024'; GRANT ALL PRIVILEGES ON...

Exetel Opt-Out of CGNAT

If your port forwards and inbound and/or outbound site-to-site VPN's have failed when switching to Exetel due to their...