Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

×
Security

+ - Storm botnet spams Youtube exploit->

Submitted by cottagetrees
cottagetrees (1093331) writes "Security researcher Roger Thompson at Exploit Prevention Labs posted about a big Storm botnet spam that tells the recipient their face is all over 'net on a YouTube video. The hyperlink to the video looks innocent enough, though the html under the link takes the user to an exploitive IP address that attempts a driveby download of the Q4Rollup exploit, a package of about a dozen encrypted exploits. If the user is unpatched against anything, they're hit. Here's the text of the spam I personally received this morning: "Subject: Who is that your with? lol Date: Sat, 25 Aug 2007 09:40:32 -0400 From: To: OMG, what are you doing man. This video of you is all over the net. here is the link I got http://www.youtube.com/watch?v=pAqQ2G671GV (in the html email, the actual hyperlink is to a different address, which I confirmed was exploitive by pasting it into LinkScanner Online at http://linkscanner.explabs.com/linkscanner/default .asp I test all my suspicious hyperlinks here.)"
Link to Original Source
This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

Storm botnet spams Youtube exploit

Comments Filter:

You scratch my tape, and I'll scratch yours.

Working...