PaulDotCom mailing list archives
phishing question
From: mailinglistmatt at gmail.com (Matt Erasmus)
Date: Wed, 2 Dec 2009 08:01:08 +0200
I had a similar incident recently with a Google Image search of all things. The scary thing was the search itself wasn't shady. It was a designer looking for research material for a project he was working on. What happened was he clicked on the image which directed him to the site with the image he was interested in. Once there some malicious Javascript was executed and triggered a download of an install.exe file. While this was happening an animation played that looked like his machine was being scanned for viruses and the like. It's just a pity he was using a Mac and immediately asked me to take a look.... The exe file was actually some scareware which I am still in the processes of picking apart. The javascript in question was heavily obfuscated and, being a bit wet behind the ears with Javascript, I am still going through the code. Still, this type of thing happens every day and is only on the increase... Thanks for sharing your experience, it really helps people like me who are interested in malware and malicious redirection. -- Matt Erasmus -- Be the trouble you want to see in the world.
Current thread:
- phishing question Chris Blazek (Dec 01)
- phishing question PJ McGarvey (Dec 01)
- phishing question Chris Blazek (Dec 01)
- phishing question David Auclair (Dec 02)
- phishing question David Shpritz (Dec 02)
- phishing question David Auclair (Dec 02)
- phishing question Chris Blazek (Dec 02)
- phishing question Chris Blazek (Dec 02)
- phishing question David Auclair (Dec 03)
- phishing question Chris Blazek (Dec 01)
- phishing question PJ McGarvey (Dec 01)
- phishing question Chris Blazek (Dec 03)
- phishing question Matt Erasmus (Dec 03)
- phishing question Jim Halfpenny (Dec 04)