nsa smtp spoofing

Vulnerability to the NSA SMTP server

An Indian hacker known by the nickname “Godzilla” managed to locate one στην ιστοσελίδα της NSA που επιτρέπει σε έναν εισβολέα την αποστολή ψεύτικων μηνυμάτων ηλεκτρονικού ταχυδρομείου από τον SMTP server of NSA.

The NSA's SMTP server allows anyone to use the service without checking their IP and password s. The most interesting part is that it allows you to use any email address (for example: admin@nsa.gov).

This vulnerability can be exploited by an attacker to launch a spear phishing attack. An attacker can send e-mail to anyone with addresses that appear to be from the Secret Service. . So by using the NSA's SMTP server, the message will not be automatically transferred to spam by the protection filters of e-mail services, such as the Gmail service.

On a screenshot that posted it EHN, the hacker used the NSA's email manager “Gen Keith B ” (KeithAlexander@nsa.gov) to send it to someone else.

"The message appears to have been sent with the of the principal, and no one will dare to pass the message without reading it.”

"SMTP is a dangerous protocol and if you don't know how to secure it, you better shut it down."

“Stupid NSA you are lucky to be December 31st and we are not available to load malwares on your server, ”Hacker said.

iGuRu.gr The Best Technology Site in Greecefgns

every publication, directly to your inbox

Join the 2.082 registrants.

Written by giorgos

George still wonders what he's doing here ...

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).