Security Incidents mailing list archives
Re: New piece of spyware?
From: "Rob" <johnnehb () hotmail com>
Date: Fri, 14 May 2004 00:06:56 -0400
At first I thought this was a virus that my friend had a while back, but then I checked the site you posted. It actually is a security site, and looks legit so.. If its your client sending the adverts, check your .ini files for timers (search for something related to sockets (GET)) and if its not yours then its just a basic news site script modified for this site. Hope this helps -Robert ----- Original Message ----- From: <caldcv () students fccj org> To: <incidents () securityfocus com> Sent: Thursday, May 13, 2004 10:04 PM Subject: New piece of spyware?
Hi, I have a Windows Server 2003 machine. Lately, I noticed on my mIRC IRC
client that something is pasting out ads to the current window.
[14:40] <nickname> New threat exploits flaw in Internet Explorer -
http://www.addict3d.org/index.php?page=viewarticle&type=news&ID=2039 , please support them by clicking the GOOGLE AD inside the articles on the right.
[09:46] <nickname> Sasser worm author needs money -
http://addict3d.org/index.php?page=viewarticle&type=news&ID=2035 , also please support us by clicking the AD inside the article on the right.
[09:55] <nickname> 'Doom' creator Id - soon to start on new game -
http://addict3d.org/index.php?page=viewarticle&type=news&ID=2030 , also please support us by clicking the AD inside the article on the right.
[14:49] <nickname> please support http://www.addict3d.org (A computer
security website) by clicking a google AD, INSIDE the articles on the right. Thanks alot. :]
This last ad was the first one I've seen. I've ran SpyBot S&D and Ad-aware
with no results. I've search Google for addict3d with no results either.
Thanks, CC. --------------------------------------------------------------------------
-
--------------------------------------------------------------------------
--
--------------------------------------------------------------------------- ----------------------------------------------------------------------------
Current thread:
- New piece of spyware? caldcv (May 13)
- Re: New piece of spyware? Valdis . Kletnieks (May 13)
- RE: New piece of spyware? Charles Tholen (May 13)
- Re: Re: New piece of spyware? Andrew Smith (May 14)
- Re: New piece of spyware? Harlan Carvey (May 13)
- RE: New piece of spyware? Rob Shein (May 13)
- Re: New piece of spyware? Rob (May 14)
- <Possible follow-ups>
- Re: New piece of spyware? caldcv (May 14)
- Re: New piece of spyware? Mister Coffee (May 14)
- Dead Thread: New piece of spyware? Daniel Hanson (May 14)
- Solegg ? David Gillett (May 14)
- Re: Solegg ? Pieter (May 14)
- Re: Solegg ? xian (May 14)
- Re: New piece of spyware? Mister Coffee (May 14)
- RE: New piece of spyware? Rob Shein (May 14)