Viral Video - Redneck Videos

["Hubbard, Dan" <dhubbard () websense com>]

http://www.websense.com/securitylabs/blog/blog.php?BlogID=114
 
Not only is the lure subject: "Viral Video" but  the function name in their javascript is 'function makemelaugh". 
 
 
 
:)


This is a follow up post on our alert we added earlier today (see: 
http://www.websense.com/securitylabs/alerts/alert.php?AlertID=751 
<http://www.websense.com/securitylabs/alerts/alert.php?AlertID=751> ). We have since discovered a different SPAM run 
that is using the same sites but with a different lure on a different compromised site. This version's lure is written 
in English, not German, and poses as website that hosts video on the web. In particular it lures users to view 
something called the "Redneck Slingshot". One piece of irony is the subject of the SPAM lure is "must see viral video".

Assuming users click on the link they are redirected to a site which is hosted in the United States, and was up at the 
time of this entry. The site appears to also have been compromised and is pointing to the same site that our previous 
alert outlined (see: http://www.websense.com/securitylabs/alerts/alert.php?AlertID=751 
<http://www.websense.com/securitylabs/alerts/alert.php?AlertID=751> ))

 

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.