Suspicious Emails inderectly leading to virus infection



According to The August 4th entry of the isc.sans.org handlers diary, there are some peculiar emails going around. They claim to be for an article claiming an explosion kills 140 in Iraq. It contains a link to a news article that has been altered from it’s original (140 instead of 14 for instance.) It also contains some nasty surprises for the visitor. There is an exploit that requires no user intervention, A cross-site scripting vulnerability (MS05-001) is exploited which runs ppp.hta from your hard drive, which creates a file called netlog.exe, which is launched by Media Player (??), which then retrieves a copy of win32sba.exe, which is the robobot backdoor.

Once the backdoor is on the system, of course, the system is “owned”. The email contains many mispellings apparently. It’s good to be suspicious of any unexpected emails you receive and be hesitant about clicking on links in emails from unusual sources.

Related Posts

Blog Traffic Exchange Related Posts
  • How to Remove Desktop Defender 2010 | Removal Guide Desktop Defender 2010 is a rogue antivirus program. It will prompt you with popups complaining about various problems that it claim your system has as well as scanning your computer and consistently finding some files to complain about. It also claims that it cannot fix the problems with your system......
  • How to Remove BlockScanner | Removal Guide BlockScanner looks very much like it's sibling blockwatcher and indeed these two rogue antivirus applications come from the same prolific family (wini). This family includes numerous other rogue antivirus appications such as... Softbarrier (softbarrier removal) and many others have looked the same... Shieldsafeness (see the shieldsafeness removal guide) as well......
  • Microsoft Outlook - duplicate email messages Part I This will likely be a multi-part story because it turns out the solution was one of the more obscure things I think I've run into AND I thought it was worth "dumping" everything I found out in the process here for my own reference and anyone else wandering through. I......
Blog Traffic Exchange Related Websites
  • Learn How to Get Traffic to Blog When it comes to writing in a blog, simply writing and assuming that traffic will come is not exactly the right way to go about things. If you want to learn how to get traffic to blog, then you need to be willing to take some extra steps to make......
  • How To Be Successful With Email Marketing In this post I'm going to reveal some helpful information about how to make your penis bigger naturally. One of the very best ways to drive traffic to your site is through Email marketing. If you have your email marketing part correct, you won't just get more visitors, you will......
  • How To Benefit From The Article Twin Article Marketing Service. How to benefit from the Article Twin article marketing service. There is, probably, no need to talk more about the value of the article marketing. Organic back links can dramatically increase your web site popularity in search engines, and the article marketing can do the trick, using 100% “white hat”......
www.pdf24.org    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site