Educause Security Discussion mailing list archives
Re: PNG based spam/malware
From: Joe St Sauver <joe () OREGON UOREGON EDU>
Date: Wed, 6 May 2009 10:40:48 -0700
Hi Pat! #My question: does anyone have a recommendation for a toolkit to *check* #such an image, short of actually viewing it in a vulnerable browser or #image viewer? I'd really like to document an example of what such #spam/malware looks like and what it can do. http://wepawet.cs.ucsb.edu/ will let you check PDFs (however, as with all tools, just because it may not find anything, that doesn't mean you're necessarily safe, etc., etc.) That said, most of the image spam I've seen have been just that, vanilla image spam, not anything exotic. I would also note that depending on your spam filtering solution, you may be able to use solutions such as FuzzyOCR to extract just the relevant URLs, if that's all you need. Regards, Joe
Current thread:
- PNG based spam/malware Patrick P Murphy (May 06)
- <Possible follow-ups>
- Re: PNG based spam/malware Joe St Sauver (May 06)