Follow Slashdot blog updates by subscribing to our blog RSS feed


Forgot your password?
Back for a limited time - Get 15% off sitewide on Slashdot Deals with coupon code "BLACKFRIDAY" (some exclusions apply)". ×

Submission + - Storm botnet spams Youtube exploit (

cottagetrees writes: Security researcher Roger Thompson at Exploit Prevention Labs posted about a big Storm botnet spam that tells the recipient their face is all over 'net on a YouTube video. The hyperlink to the video looks innocent enough, though the html under the link takes the user to an exploitive IP address that attempts a driveby download of the Q4Rollup exploit, a package of about a dozen encrypted exploits. If the user is unpatched against anything, they're hit. Here's the text of the spam I personally received this morning: "Subject: Who is that your with? lol Date: Sat, 25 Aug 2007 09:40:32 -0400 From: To: OMG, what are you doing man. This video of you is all over the net. here is the link I got (in the html email, the actual hyperlink is to a different address, which I confirmed was exploitive by pasting it into LinkScanner Online at .asp I test all my suspicious hyperlinks here.)
This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

Storm botnet spams Youtube exploit

Comments Filter:

To restore a sense of reality, I think Walt Disney should have a Hardluckland. -- Jack Paar