Trojan Programs from web site link in Security_Wire_Digest@bdcimail.com newsletter

From: David Lane (dvlane@cats.ucsc.edu)
Date: 05/21/02


From: "David Lane" <dvlane@cats.ucsc.edu>
To: <security-basics@securityfocus.com>
Date: Tue, 21 May 2002 09:35:53 -0700

Hello, In a newsletter I received from Security Wire Digest on May 20, 2002
they have a link to a web site that when clicked attempts to download two
Trojan programs, which were blocked on my machine by McAfee software which I
have set to scan all download files. I sent a notice back to Security Wire,
below, but have not received a response and I just clicked on the link again
and it is still trying to download the Trojans. I just wanted to make
others aware of this problem and also to ask if anyone else had problems
with this organization. I am ready to unsubscribe to this newsletter unless
I get a response from them. Do not click on the link unless you have your
virus software set to scan all files that are downloaded.

Message to Security Wire:

subject:RE: SECURITY WIRE DIGEST, VOL. 4, NO. 39, MAY 20, 2002

Security Wire personnel:

Please note when I clicked on the link in your newsletter,
"http://sec.greymagic.com/adv/gm004-ie" the web site attempted to download
two Trojan programs to my computer. The files were identified by McAfee as
MIA2B4ff and MV8R26CG. Both were listed a variants or JS/Espolint-LocalCSS.
I repeated this process twice with the same results.

David Lane
University of California Santa Cruz
Internal Audit and advisory services



Relevant Pages