[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] [funsec] nasty infection from following link if anyone is interested

To: RandallM <randallm@xxxxxxxxxxx>, full-disclosure@xxxxxxxxxxxxxxxxx
Subject: Re: [Full-disclosure] [funsec] nasty infection from following link if anyone is interested
From: Juha-Matti Laurio <juha-matti.laurio@xxxxxxxx>
Date: Wed, 25 Nov 2009 22:16:30 +0200 (EET)

Your modifications doesn't prevent your link to be clickable in all mail 
clients.
Please use methods
http : // and/or
archive1329101302 . heddasq

next time...

Juha-Matti

RandallM [randallm@xxxxxxxxxxx] kirjoitti: 
> one of my sales people fell for a "someone posted a picture of you" emails.
> 
> Got a real nasty that came with, according to malwarebytes, "Pawnd.bot
> and Backdoor.bot".
> Havent checked it out yet but thought I would share it.
> 
> 
> The link is this:
> (REMOVETHISFIRSThttp://archive1329101302.heddasq.eu/photo-hosting/)
> 
> -- 
> been great, thanks
> a.k.a System

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Follow-Ups:
- Re: [Full-disclosure] [funsec] nasty infection from following link if anyone is interested
  - From: Dragos Ruiu

Prev by Date: [Full-disclosure] nasty infection from following link if anyone is interested
Next by Date: Re: [Full-disclosure] {Spam?} [funsec] nasty infection from following link if anyone is interested
Previous by thread: Re: [Full-disclosure] {Spam?} [funsec] nasty infection from following link if anyone is interested
Next by thread: Re: [Full-disclosure] [funsec] nasty infection from following link if anyone is interested
Index(es):
- Date
- Thread