Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: Re: Spyware installs with no interaction in IE on fully patched XP SP2 box
From: GuidoZ <uberguidoz () gmail com>
Date: Mon, 4 Oct 2004 23:27:46 -0700

Bingo - that's what I found too. The javascript is what does the dirty work.

--
Peace. ~G


On Mon, 04 Oct 2004 09:55:19 -0500, Willem Koenings <isec () europe com> wrote:

hi,

I was unable to verify it, since I don't use IE, and would prefer not
infecting myself on accident, however I did run across this:

http://themexp.org/about_wrap.php

Perhaps one of the themes you downloaded was bundled with the spyware?

two tiny links from there:

http://WWW.addictivetechnologies.net/dm0/js/Confirm80wu03rd.js
http://www.addictivetechnologies.net/DM0/cab/ATPartners.cab

W.

--
___________________________________________________________
Sign-up for Ads Free at Mail.com
http://promo.mail.com/adsfreejump.htm



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault