[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] irc.trojan.fgt - new variant.

To: Tom Russell <kalleth@nildram.co.uk>, full-disclosure@lists.netsys.com
Subject: Re: [Full-Disclosure] irc.trojan.fgt - new variant.
From: Jelmer <jkuperus@planet.nl>
Date: Thu, 06 Nov 2003 00:38:43 +0100

I guess It's a matter of time before someone hacks in a http server and makes 
it send out links like
http://victim ip/britney.jpg
Luckily microsoft patches stuff within 2 days, balmer said so so it must be 
true ;)

  ----- Original Message ----- 
  From: Tom Russell 
  To: full-disclosure@lists.netsys.com 
  Sent: Wednesday, November 05, 2003 9:46 PM
  Subject: [Full-Disclosure] irc.trojan.fgt - new variant.

  Once again, another variant of irc.trojan.fgt is about.
  This one masquerades as a web page - jokes.html, and makes the unfortunate 
recipient say the following:

  <victim> http:// home.amis .net/krsve9/Pari/jokes.html lol :D

  (spaces added to URL to prevent accidental infection).

  The virus files are at the following location: 
http://kalleth.2tone-dev.com/fd/jokes-html.zip - DO NOT RUN THE EXECUTABLE AS 
IT IS THE VIRUS. DO NOT OPEN THE HTML PAGE IN INTERNET EXPLORER AS IT IS A 
VIRUS.
  </disclaimer>

  End of message.

References:
- [Full-Disclosure] irc.trojan.fgt - new variant.
  - From: "Tom Russell" <kalleth@nildram.co.uk>

Prev by Date: Re: [Full-Disclosure] POS#1 Self-Executing HTML: Internet Explorer 5.5 and 6.0 Part III
Next by Date: [Full-Disclosure] MDKSA-2003:104 - Updated CUPS packages fix denial of service vulnerability
Previous by thread: [Full-Disclosure] irc.trojan.fgt - new variant.
Next by thread: RE: [Full-Disclosure] irc.trojan.fgt - new variant.
Index(es):
- Date
- Thread