Jorge Bastos
2018-06-30 09:38:53 UTC
Hi all,
Just an info, not roundcube related but using Roundcube/for roundcube
maints/sysadms.
I've seen in my users, one in a while, some users being hacked in this form:
* Somehow "they" got the user password, the one's I've saw were all
msoutlook users so my guess is that the user got some type or virus/trojan
that send that info to them.
* "they" that info to enter the webmail (not sure if manually or
automatically)
* Ransomware is sent using Roundcube, if you check the sent folders
you'll see emails with .jar attach's (and possible others)
May be handy for someone this info,
Jorge,
Just an info, not roundcube related but using Roundcube/for roundcube
maints/sysadms.
I've seen in my users, one in a while, some users being hacked in this form:
* Somehow "they" got the user password, the one's I've saw were all
msoutlook users so my guess is that the user got some type or virus/trojan
that send that info to them.
* "they" that info to enter the webmail (not sure if manually or
automatically)
* Ransomware is sent using Roundcube, if you check the sent folders
you'll see emails with .jar attach's (and possible others)
May be handy for someone this info,
Jorge,