Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×
Security

Submission + - Storm botnet spams Youtube exploit (blogspot.com)

cottagetrees writes: Security researcher Roger Thompson at Exploit Prevention Labs posted about a big Storm botnet spam that tells the recipient their face is all over 'net on a YouTube video. The hyperlink to the video looks innocent enough, though the html under the link takes the user to an exploitive IP address that attempts a driveby download of the Q4Rollup exploit, a package of about a dozen encrypted exploits. If the user is unpatched against anything, they're hit. Here's the text of the spam I personally received this morning: "Subject: Who is that your with? lol Date: Sat, 25 Aug 2007 09:40:32 -0400 From: To: OMG, what are you doing man. This video of you is all over the net. here is the link I got http://www.youtube.com/watch?v=pAqQ2G671GV (in the html email, the actual hyperlink is to a different address, which I confirmed was exploitive by pasting it into LinkScanner Online at http://linkscanner.explabs.com/linkscanner/default .asp I test all my suspicious hyperlinks here.)
This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

Storm botnet spams Youtube exploit

Comments Filter:

The test of intelligent tinkering is to save all the parts. -- Aldo Leopold

Working...