On Mon, 30 Oct 2000, Prime Internet Network wrote:
> The site that you got this from actually asks you if you want your home
> page changed in small print, then in large print it asks if you are Over 18.
>
> It is a porn site called amateurpie.com
Imagine my horror at thinking that I might have brought this on
myself. :-)
However, this page contains a script that merely re-sets the home page.
This is not the same script that did the damage described earlier. It's
also worth noting that the script at amateurpie.com does not set the home
page to "http://www.sureseeker.com" as with the actual exploit - rather it
sets it to the following:
http://sureseeker.com/?CLICKYESTOENTERIF%20%20YOU%20ARE%20%20OVER%20%2018
This is definitely not the same script. This looks more like a red
herring created hastily by the sureseeker.com people (Cyberheat Inc, who
do seem to operate a number of porn sites), in an attempt to convince
their ISP that what they did had some semblance of legitimacy.
Received on Nov 01 2000
Intro
