Full Disclosure mailing list archives
Re: irc.trojan.fgt - new variant.
From: Jelmer <jkuperus () planet nl>
Date: Thu, 06 Nov 2003 00:38:43 +0100
I guess It's a matter of time before someone hacks in a http server and makes it send out links like http://victim ip/britney.jpg Luckily microsoft patches stuff within 2 days, balmer said so so it must be true ;) ----- Original Message ----- From: Tom Russell To: full-disclosure () lists netsys com Sent: Wednesday, November 05, 2003 9:46 PM Subject: [Full-disclosure] irc.trojan.fgt - new variant. Once again, another variant of irc.trojan.fgt is about. This one masquerades as a web page - jokes.html, and makes the unfortunate recipient say the following: <victim> http:// home.amis .net/krsve9/Pari/jokes.html lol :D (spaces added to URL to prevent accidental infection). The virus files are at the following location: http://kalleth.2tone-dev.com/fd/jokes-html.zip - DO NOT RUN THE EXECUTABLE AS IT IS THE VIRUS. DO NOT OPEN THE HTML PAGE IN INTERNET EXPLORER AS IT IS A VIRUS. </disclaimer> End of message.
Current thread:
- irc.trojan.fgt - new variant. Tom Russell (Nov 05)
- Re: irc.trojan.fgt - new variant. Jelmer (Nov 05)
- <Possible follow-ups>
- RE: irc.trojan.fgt - new variant. ge (Nov 07)
- Re: irc.trojan.fgt - new variant. Jelmer (Nov 07)
- RE: irc.trojan.fgt - new variant. Gadi Evron (Nov 07)
- Re: irc.trojan.fgt - new variant. Jelmer (Nov 07)