Full Disclosure mailing list archives
Re: [security] Social Eng. with Windows Media Player and Codec Download
From: Marco Ermini <markoer () markoer org>
Date: Tue, 3 Jan 2006 17:44:10 +0100
On 12/28/05, Elia Florio <eflorio () edmaster it> wrote:
Here: hXXp://www.goodmovielaugh.com/video5.html hXXp://www.good-movie-jokes.com/video5.html there's some malware/adware that try to use .ASX files as vector to infect windows machines by forcing users to download and install executables. The trick (not an exploit!!!!) is to convince people that Windows Media Player needs an additional codec....so that users confirm the download of an EXE file.
[...]
The EXE file downloaded is probably some Download.Trojan or Trojan.Clicker packed with Nullsoft NSIS.
[...] It was classified as "Trojan-Clicker.Win32.Bomka.a" Cheers -- Marco Ermini Dubium sapientiae initium. (Descartes) root@human # mount -t life -o ro /dev/dna /genetic/research (This message is for the designated recipient only and may contain privileged or confidential information. If you have received it in error, please notify the sender immediately and delete the original.) _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: [security] Social Eng. with Windows Media Player and Codec Download Marco Ermini (Jan 03)