On 10/2/19, Curt <cu...@free.fr> wrote: > On 2019-10-02, Torben Schou Jensen <t...@swampthing.dk> wrote: >> Interesting story. >> >> I am missing technical details. >> I do not understand how preview of e-mail can result in hackers stealing >> userid and password, what kind of mail program was used? >> > > Yeah, it's better to go directly to the publicly available incident report: > > https://imagedepot.anu.edu.au/scapa/Website/SCAPA190209_Public_report_web_2.pdf >
Thanks for the link! > But the email program used by Client 0 is unspecified. As is the operating system - or did I miss that? Lee > The original spearphishing email (which is assumed to have contained > some sort of self-executable code) was deleted (too late!) and proved > unrecoverable. > > Subsequent spearphishing emails, however, used Word attachments as a > vector (Appendix A, B, and C of the report). I also note a zip file > attachment in the Appendix. > > -- > "There are no foreign lands. It is the traveler only who is foreign." > -- Robert Louis Stevenson > >
