Forensic analysis of PHP/Geeklog compromise by spammers

The Rise of the Spammers:

The person who coded both the client and the master server (I think it is the same person) is intelligent and has strong knowledge of technology, judging by how many things are involved: thread and network programming, a mail server modified to add new commands, a mask feature, reports, binary auto-removal, UPX compression, … She also reads the security vulnerability mailing lists (bugtraq, full-disclosure, …) and somehow finds out about other ones (I haven’t been able to find my vulnerability described on the Internet).
