[Full-Disclosure] Re: New Virus under way ...
From: David Schultz <evil_genius@mac.com>
Date: Fri Mar 19 2004 - 11:48:57 EST
Date: Fri Mar 19 2004 - 11:48:57 EST
On 3/18/04 11:24 AM, "full-disclosure-request@lists.netsys.com"
<full-disclosure-request@lists.netsys.com> wrote:
> Message: 2
> got a strange Mail 2day:
>
> Subject: RE: Protected message
> From: 20030814171411.10246.qmail@www.securityfoc
>
> link to virus is ...
> http://221.153.61.232:81/100721.php
>
> Host is in Korea, abuse warning has been sent.
>
> can anyone verify what kind of malware that is ?
>
> Helmut
The php script has a download link from the same web server. The linked file
is a jpg that has what norton corporate version 8.00.9374 calls
bloodhound.packed (defs are 3/10/04 rev 5)
DVS
-- "If you want to eat hippopotamus, you've got to pay the freight." -attributed to an IBM guy, about why IBM software uses so much memory _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.htmlReceived on Fri Mar 19 12:19:59 2004
This archive was generated by hypermail 2.1.8 : Fri Mar 19 2004 - 13:03:04 EST
Custom Search
