Re: [Full-Disclosure] Re: Spyware installs with no interaction in IE on fully patched XP SP2 box

From: GuidoZ (uberguidoz_at_gmail.com)
Date: 10/05/04

  • Next message: 3APA3A: "Re: [Full-Disclosure] [suse-security] Anti-Virus Problem"
    To: Willem Koenings <isec@europe.com>
    Date: Mon, 4 Oct 2004 23:27:46 -0700
    
    

    Bingo - that's what I found too. The javascript is what does the dirty work.

    --
    Peace. ~G
    On Mon, 04 Oct 2004 09:55:19 -0500, Willem Koenings <isec@europe.com> wrote:
    > 
    > hi,
    > 
    > > I was unable to verify it, since I don't use IE, and would prefer not
    > > infecting myself on accident, however I did run across this:
    > >
    > > http://themexp.org/about_wrap.php
    > >
    > > Perhaps one of the themes you downloaded was bundled with the spyware?
    > 
    > two tiny links from there:
    > 
    > http://WWW.addictivetechnologies.net/dm0/js/Confirm80wu03rd.js
    > http://www.addictivetechnologies.net/DM0/cab/ATPartners.cab
    > 
    > W.
    > 
    > --
    > ___________________________________________________________
    > Sign-up for Ads Free at Mail.com
    > http://promo.mail.com/adsfreejump.htm
    > 
    > 
    > 
    > _______________________________________________
    > Full-Disclosure - We believe in it.
    > Charter: http://lists.netsys.com/full-disclosure-charter.html
    >
    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html
    

  • Next message: 3APA3A: "Re: [Full-Disclosure] [suse-security] Anti-Virus Problem"

    Relevant Pages