On Jun 10, 2013, at 9:30 PM, Dave Warren <da...@hireahit.com> wrote:
> I doubt it's "a guy", but it wouldn't surprise me if the botnet that performs > the dictionary attack forwards the results off to "a guy" to confirm that > the account works. no, really, it's a bot. They have tens of millions of compromised accounts, that they burn through on an hourly basis. There's no need to check anything, they just 'do' and what doesn't work doesn't cost them money, they move on to the next unit, and try again. i've no end of examples of stuff from live spam where the payload or redirect is broken due to take-down, I can't imagine they didn't check those, too. By bot.
smime.p7s
Description: S/MIME cryptographic signature
