While doing research on this malware through ads thing i did what I
often do, opened a web page into my text editor (TextPad) which loads
the HTML. I did this to http://www.ynetnews.com/. This is what it
loaded:
<!-- SystemTeam, Realcommerce ltd. 2006 -->
<!-- Vadim::20060125 -->
<HTML>
<HEAD>
<meta http-equiv="Refresh" content="0;
url=/home/0,7340,L-3083,00.html">
</HEAD>
<BODY BGCOLOR="#FFFFFF" style='margin:10' scroll=no>
</BODY>
</HTML>
That's interesting. The actual page is basically empty, but they use a
Meta Refresh with a 0 delay to load the content.
Why would anyone do this?
Larry Seltzer
eWEEK.com Security Center Editor
http://security.eweek.com/
<http://blogs.pcmag.com/securitywatch/>
Contributing Editor, PC Magazine
[EMAIL PROTECTED]
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
