funsec mailing list archives
Viral Video - Redneck Videos
From: "Hubbard, Dan" <dhubbard () websense com>
Date: Thu, 15 Mar 2007 20:10:23 -0700
http://www.websense.com/securitylabs/blog/blog.php?BlogID=114 Not only is the lure subject: "Viral Video" but the function name in their javascript is 'function makemelaugh". :) This is a follow up post on our alert we added earlier today (see: http://www.websense.com/securitylabs/alerts/alert.php?AlertID=751 <http://www.websense.com/securitylabs/alerts/alert.php?AlertID=751> ). We have since discovered a different SPAM run that is using the same sites but with a different lure on a different compromised site. This version's lure is written in English, not German, and poses as website that hosts video on the web. In particular it lures users to view something called the "Redneck Slingshot". One piece of irony is the subject of the SPAM lure is "must see viral video". Assuming users click on the link they are redirected to a site which is hosted in the United States, and was up at the time of this entry. The site appears to also have been compromised and is pointing to the same site that our previous alert outlined (see: http://www.websense.com/securitylabs/alerts/alert.php?AlertID=751 <http://www.websense.com/securitylabs/alerts/alert.php?AlertID=751> ))
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- no more Stargate SG-1? Gadi Evron (Mar 14)
- Re: no more Stargate SG-1? Reed Loden (Mar 15)
- Re: no more Stargate SG-1? Gadi Evron (Mar 15)
- Viral Video - Redneck Videos Hubbard, Dan (Mar 15)
- Re: no more Stargate SG-1? Gadi Evron (Mar 15)
- <Possible follow-ups>
- Re: no more Stargate SG-1? Gadi Evron (Mar 15)
- Re: no more Stargate SG-1? Gadi Evron (Mar 15)
- Re: no more Stargate SG-1? Reed Loden (Mar 15)