Spyware Warrior Spyware Warrior
Help with Spyware, Hijacking & Other Internet Nuisances
 
FAQ :: Search :: Memberlist :: Usergroups :: Register
Profile :: Log in to check your private messages :: Log in

MySpace Phish=Zango Installs

 
Post new topic   Reply to topic    Spyware Warrior Forum Index -> Spyware/Adware in the News
View previous topic :: View next topic  
Author Message
TeMerc
Warrior Obsessed


Joined: 12 Feb 2004
Last Visit: 23 Jan 2014
Posts: 4953
Location: Phx. AZ.

PostPosted: Sat Dec 02, 2006 9:59 am    Post subject: MySpace Phish=Zango Installs Reply with quote

Myspace Phish Attack Leads Users to Zango Content
PG wrote:
A while ago on the Spywareguide Blog, I covered a technique being used in Peer to Peer land involving URLs being embedded in Quicktime movies, which would then pop open a website. This has now been taken to the next level, with an intensive and seemingly never ending Phish attack, the sole aim of which seems to be directing end-users to a collection of Zango movies on a pornographic website. The Phish pages are hosted on compromised servers - presumably the people doing the hacking aren't particuarly brilliant at it, because they keep getting found out (an example of them being caught in the act can be seen here).

How does this attack work?

It begins with a Quicktime file being embedded in a Profile page. If the user "runs" the file (simply visiting the infected page is enough to trigger the attack in most cases), it uses the HREF function to activate some javascript. HREF? Let's take a quick look at the Quicktime website:
Quote:
An HREF track is a special type of text track that adds interactivity to a QuickTime movie. HREF tracks contain URLs that can specify movies that replace the current movie, load another frame, or that load QuickTime Player. They can also specify JavaScript functions or Web pages that load a specific browser frame or window.
Allowing Javascript from a movie file....whoops.
Greynet Blog

Also See Here From Websense
_________________

Ultimate Countermeasures Page
Calendar Of Updates
Malware Advisor Blog
Back to top
View user's profile Send private message Visit poster's website
Display posts from previous:   
Post new topic   Reply to topic    Spyware Warrior Forum Index -> Spyware/Adware in the News All times are GMT - 8 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum



smartBlue Style © 2002 Smartor
Powered by phpBB © 2001, 2002 phpBB Group