stephen barncard wrote:
Google didn't choke on this guy and they appear to be binary... images......
I moved the attachment over to a machine I keep quarantined for such explorations, and un-rarred it. In addition to the images there are also some very small Java source files and a Rev stack. I don't have Rev on my quarantine machine so I wasn't able to run it, but looking at the raw data for the stack file it appears to be a runnable stack with a fairly innocuous script.
Either someone went to a lot of work to make a very convincing Trojan horse targeted specifically at the Rev community which uses some obscure and tiny data-embedded hack that eludes most normal means of reviewing the file contents, or this was sent out to the use-rev list members by some weird tech glitch that I can't figure out.
Either way, since I got my copy of that potential-Trojan-horse just minutes after the Rev forum was taken offline from an apparent DoS attack, it's hard not to imagine there may be some connection between the two.
Whether the email is part of the culprit's work or just another victim like all of us who shouldn't have rec'd that unsolicited email remains to be seen.
-- Richard Gaskin Fourth World Rev training and consulting: http://www.fourthworld.com Webzine for Rev developers: http://www.revjournal.com revJournal blog: http://revjournal.com/blog.irv _______________________________________________ use-revolution mailing list use-revolution@lists.runrev.com Please visit this url to subscribe, unsubscribe and manage your subscription preferences: http://lists.runrev.com/mailman/listinfo/use-revolution
