Security Incidents mailing list archives

RE: New piece of spyware?


From: "Charles Tholen" <ctholen () netforensics com>
Date: Thu, 13 May 2004 15:22:48 -0500

If <nickname> is not you then it is probably a bot in the IRC Channel that
is generating the messages.  If <nickname> is you then it could be a new
piece of spyware/Trojan.

Regards,
Charles

------------------------------------
NetForensics
Charles Tholen, GSEC
Sr. Security Engineer
ctholen () netforensics com
1826 Countryside Dr.
Frisco, TX  75034
tel: (214)215-3586
------------------------------------
-----Original Message-----
From: caldcv () students fccj org [mailto:caldcv () students fccj org] 
Sent: Thursday, May 13, 2004 9:04 PM
To: incidents () securityfocus com
Subject: New piece of spyware?



Hi,

 I have a Windows Server 2003 machine. Lately, I noticed on my mIRC IRC
client that something is pasting out ads to the current window.

[14:40] <nickname> New threat exploits flaw in Internet Explorer -
http://www.addict3d.org/index.php?page=viewarticle&type=news&ID=2039 ,
please support them by clicking the GOOGLE AD inside the articles on the
right.

[09:46] <nickname> Sasser worm author needs money -
http://addict3d.org/index.php?page=viewarticle&type=news&ID=2035 , also
please support us by clicking the AD inside the article on the right.

[09:55] <nickname> 'Doom' creator Id - soon to start on new game -
http://addict3d.org/index.php?page=viewarticle&type=news&ID=2030 , also
please support us by clicking the AD inside the article on the right.

[14:49] <nickname> please support http://www.addict3d.org (A computer
security website) by clicking a google AD, INSIDE the articles on the right.
Thanks alot. :]

This last ad was the first one I've seen. I've run SpyBot S&D and Ad-aware
with no results. I've searched Google for addict3d with no results either.

Thanks,

CC.
