Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
Note: You can take 10% off all Slashdot Deals with coupon code "slashdot10off." ×
Security

Submission + - Storm botnet spams Youtube exploit->

cottagetrees writes: Security researcher Roger Thompson at Exploit Prevention Labs posted about a big Storm botnet spam that tells the recipient their face is all over 'net on a YouTube video. The hyperlink to the video looks innocent enough, though the html under the link takes the user to an exploitive IP address that attempts a driveby download of the Q4Rollup exploit, a package of about a dozen encrypted exploits. If the user is unpatched against anything, they're hit. Here's the text of the spam I personally received this morning: "Subject: Who is that your with? lol Date: Sat, 25 Aug 2007 09:40:32 -0400 From: To: OMG, what are you doing man. This video of you is all over the net. here is the link I got http://www.youtube.com/watch?v=pAqQ2G671GV (in the html email, the actual hyperlink is to a different address, which I confirmed was exploitive by pasting it into LinkScanner Online at http://linkscanner.explabs.com/linkscanner/default .asp I test all my suspicious hyperlinks here.)
Link to Original Source
This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

Storm botnet spams Youtube exploit

Comments Filter:

"We learn from history that we learn nothing from history." -- George Bernard Shaw

Working...