Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Re: Spyware installs with no interaction in IE on fully patched XP SP2 box

From: GuidoZ <uberguidoz () gmail com>
Date: Mon, 4 Oct 2004 23:27:46 -0700
Bingo - that's what I found too. The javascript is what does the dirty work.

--
Peace. ~G


On Mon, 04 Oct 2004 09:55:19 -0500, Willem Koenings <isec () europe com> wrote:


hi,


I was unable to verify it, since I don't use IE, and would prefer not
infecting myself on accident, however I did run across this:

http://themexp.org/about_wrap.php

Perhaps one of the themes you downloaded was bundled with the spyware?


two tiny links from there:

http://WWW.addictivetechnologies.net/dm0/js/Confirm80wu03rd.js
http://www.addictivetechnologies.net/DM0/cab/ATPartners.cab

W.

--
___________________________________________________________
Sign-up for Ads Free at Mail.com
http://promo.mail.com/adsfreejump.htm



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Previous By Date Next
Previous By Thread Next

Current thread: