Re: [Full-disclosure] [funsec] nasty infection from following link if anyone is interested



Haha, and then you included his clickable link in your message
inclusion.
Tsk, Tsk. <chuckle>

cheers,
--dr

On 25-Nov-09, at 12:16 PM, Juha-Matti Laurio wrote:

Your modifications doesn't prevent your link to be clickable in all
mail clients.
Please use methods
http : // and/or
archive1329101302 , heddasq

next time...

Juha-Matti

RandallM [randallm@xxxxxxxxxxx] kirjoitti:
one of my sales people fell for a "someone posted a picture of you"
emails.

Got a real nasty that came with, according to malwarebytes,
"Pawnd.bot
and Backdoor.bot".
Havent checked it out yet but thought I would share it.


The link is this:
(REMOVETHISFIRST http: // archive1329101302 , heddasq,eu/photo-
hosting/)

--
been great, thanks
a.k.a System

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

--
World Security Pros. Cutting Edge Training, Tools, and Techniques
Vancouver, Canada March 22-26 http://cansecwest.com
Amsterdam, Netherlands June 16/17 http://eusecwest.com
pgpkey http://dragos.com/ kyxpgp





_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/



Relevant Pages