Phishing and Spamming via IM (SPIM)

Published: 2006-12-02
Last Updated: 2006-12-02 20:21:10 UTC
by Koon Yaw Tan (Version: 1)
0 comment(s)
Our reader Robert has shared with us on a case that a malicious file was detected when one of his user click on a link that arrived via MSN messenger. The malicious file is identified by MSNMaker or Licat.gen.

It has been getting common that attackers are hijacking IM for phishing attempts. Most people are getting aware of phishing through email and smarter not to fall into the trap. However, using IM to trick people may still not as well known to most people. You should not blindly trust links received in IM, even if the link comes from a friend. Such links could be part of an IM worm or bait for a phishing scam.

Keywords:
0 comment(s)

MySpace QuickTime Worm

Published: 2006-12-02
Last Updated: 2006-12-02 19:04:45 UTC
by Koon Yaw Tan (Version: 1)
0 comment(s)
Juha-Matti has sent us some information regarding malicious codes spreading on MySpace network using Javascript support within Apple's embedded QuickTime player. Websense has also confirmed this.

Extracted from Websense writeup:

Once a user's MySpace profile is infected (by viewing a malicious embedded QuickTime video), that profile is modified in two ways. The links in the user's page are replaced with links to a phishing site, and a copy of the malicious QuickTime video is embedded into the user's site. Any other users who visit this newly-infected profile may have their own profile infected as well.

An infected profile can be identified by the presence of an empty QuickTime video or modified links in the MySpace header section, or both.

More details:
http://www.websense.com/securitylabs/alerts/alert.php?AlertID=708
http://www.neowin.net/index.php?act=view&id=36299
http://www.neowin.net/forum/index.php?showtopic=517166

Keywords:
0 comment(s)

Comments


Diary Archives