Juha-Matti Laurio
Sat, 30 Aug 2008 06:28:56 -0700
A good summary has been released at http://www.insidefacebook.com/2008/08/26/update-facebook-security-fighting-koobface-worm-chain-letters/ [switched to new message title now, handling FB worm etc.] Juha-MattiGadi Evron [EMAIL PROTECTED] kirjoitti:
> Interesting, > Do you or anyone else know more about the account theft that has been > going on with FaceBook. I ask because my kid sister was using it for a > while and she kept on asking why her password was changed. Shortly there > after her friends had the same issue and they had random wall posts > going up. Ideas? I'm just curious.Malware spreading via walls and messages. Click on it and you get your credentials stolen and spam your friends.Facebook.* > > Regards, > Adriel T. Desautels > Chief Technology Officer > Netragard, LLC. > Office : 617-934-0269 > Mobile : 617-633-3821 > http://www.linkedin.com/pub/1/118/a45 > > Join the Netragard, LLC. Linked In Group: > http://www.linkedin.com/e/gis/48683/0B98E1705142 > > --------------------------------------------------------------- > Netragard, LLC - http://www.netragard.com - "We make IT Safe" > Penetration Testing, Vulnerability Assessments, Website Security > > Netragard Whitepaper Downloads: > ------------------------------- > Choosing the right provider : http://tinyurl.com/2ahk3j > Three Things you must know : http://tinyurl.com/26pjsn > > > Steven Adair wrote: >> It seems Imageshack with malicious or at least abusive Flash files is getting more popular. We saw a similar attack, yet far less malicious, on Facebook last week. User's walls were spammed with a messae about someone having a crush on them with a link to an Imageshack flash file. The file then did a full redirect to a dating website. The bad guys are both simply just using them as a jumping point and in some cases playing off of their [somewhat] trusted name. >> >> Steven >> >> On Thu, 28 Aug 2008 09:18:12 -0400, "Discini, Sonny" <[EMAIL PROTECTED]> wrote: >>> Here is another XP/Vista download link: >>> >>> ht tp://img 182.imageshack.us/img182/7145/47024671do7 .swf >>> >>> -- >>> Steve >>> >>> >>> >>> I had a bunch of that come through in 3 separate waves yesterday. >>> >>> The malware download pointed to: >>> Hxxp://89.187.49.18/install.exe >>> >>> Note that the payload is known to Sophos so I'm assuming that most of >>> the other big players also pick it up. Nothing new. >>> >>> Sonny >>> >>> Sonny Discini, Senior Network Security Engineer >>> Office of the CIO >>> Department of Technology Services >>> Montgomery County Government >>> >>> >>> >>> -----Original Message----- >>> From: [EMAIL PROTECTED] >>> [EMAIL PROTECTED] On Behalf Of Steve Pirk >>> Sent: Thursday, August 28, 2008 7:13 AM >>> To: [EMAIL PROTECTED] >>> Cc: Botnets >>> Subject: Re: [phishing] XP update phish/malware >>> >>> >>> Equal bytes for women. >>> >>> On Wed, 27 Aug 2008, Steve Pirk wrote: >>> >>>> Here are some links related to a XP update phish/malware download. >>>> >>>> Image or payload? >>>> ht tp://img 504.imageshack.us/img504/6262/23031231ob0 .swf >>>> >>>> That was the only link in the email. >>>> -- >>>> Steve>>>> Equal bytes for women.
_______________________________________________ botnets@, the public's dumping ground for maliciousness All list and server information are public and available to law enforcement upon request. http://www.whitestar.linuxbox.org/mailman/listinfo/botnets