Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×
Security

Submission + - Storm botnet spams Youtube exploit (blogspot.com)

cottagetrees writes: Security researcher Roger Thompson at Exploit Prevention Labs posted about a big Storm botnet spam that tells the recipient their face is all over 'net on a YouTube video. The hyperlink to the video looks innocent enough, though the html under the link takes the user to an exploitive IP address that attempts a driveby download of the Q4Rollup exploit, a package of about a dozen encrypted exploits. If the user is unpatched against anything, they're hit. Here's the text of the spam I personally received this morning: "Subject: Who is that your with? lol Date: Sat, 25 Aug 2007 09:40:32 -0400 From: To: OMG, what are you doing man. This video of you is all over the net. here is the link I got http://www.youtube.com/watch?v=pAqQ2G671GV (in the html email, the actual hyperlink is to a different address, which I confirmed was exploitive by pasting it into LinkScanner Online at http://linkscanner.explabs.com/linkscanner/default .asp I test all my suspicious hyperlinks here.)
This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

Storm botnet spams Youtube exploit

Comments Filter:

If in any problem you find yourself doing an immense amount of work, the answer can be obtained by simple inspection.

Working...