Re: PNG based spam/malware

[Joe St Sauver <joe () OREGON UOREGON EDU>]

Hi Pat!

#My question: does anyone have a recommendation for a toolkit to *check*
#such an image, short of actually viewing it in a vulnerable browser or
#image viewer?  I'd really like to document an example of what such
#spam/malware looks like and what it can do.

http://wepawet.cs.ucsb.edu/ will let you check PDFs (however, as with
all tools, just because it may not find anything, that doesn't mean you're
necessarily safe, etc., etc.)

That said, most of the image spam I've seen have been just that, vanilla
image spam, not anything exotic.

I would also note that depending on your spam filtering solution, you may
be able to use solutions such as FuzzyOCR to extract just the relevant
URLs, if that's all you need.

Regards,

Joe