[nsp-sec] Calling gmail/google security staff.
Dave Burke
dave at amazon.com
Thu Jun 7 17:20:49 EDT 2012
Sounds a little similar to
http://blog.cloudflare.com/post-mortem-todays-attack-apparent-google-app
On 6/7/12 10:16 PM, Mattias Ahnberg wrote:
> ----------- nsp-security Confidential --------
>
> Greetings, one of my hobby projects is running an IRC network
> called DALnet, and last year or so we've had a stubborn Pakistani
> user who has really gotten onto our nerves. He has been getting
> quite skilled at social engineering our staff's e-mail accounts from
> various big ISPs (Comcast, etc). We're talking about a dozen or so
> staff all over the world in various ISPs.
>
> How he does this is a bit unsure because no ISP has so far given
> out any information to my colleagues as to how they can keep giving up
> e-mail accounts so easily. Comments indicate/hint that he has in
> some cases been able to have "webchat support" with ISPs and
> through that convinced them, in some other case we think he has
> called the ISP.
>
> Either way; because of this we've recommended as many as we can to
> stop using personal e-mail accounts for this purpose and to switch
> to Gmail with 2 factor authentication, since we've believed it to
> be very secure and resilient from this.
>
> Sadly now it seems like even this isn't enough. He recently got
> ahold of one of our staff member's secured Google account. 2 factor
> authentication enabled, a "non guessable" recovery e-mail address
> setup for the account etc.
>
> I am clueless as to how he can accomplish this. It seems very hard to
> get ahold of personal contacts at Google to try to assist us, so I
> am reaching out here to see if anyone might be able to help us
> understand what is going on.
>
> He himself has bragged a number of times that he has "access to
> staff at big e-mail providers everywhere", but I haven't taken it
> as more than kiddish boasting. But I don't know anymore.
>
> Anyone at Google able to assist? Or any other ideas?
>