RE: New Trojan?

[Chris Santerre <csanterre () MerchantsOverseas com>]

> -----Original Message-----
> From: Jeff [mailto:Jeff@Not_A_Real_Address.com]
> Sent: Monday, June 28, 2004 3:15 PM
> To: security-basics () securityfocus com
> Subject: New Trojan?
*snip*

> 3. Mis-typing a URL will now take me automatically to
>    www.netidentity.com with the mistaken URL clearly
>    identified inside. Identical results on IE6 and Firefox.
>    Java and Javascript are disabled on Firefox. I leave IE6
>    alone because I use it when I absolutely must go to some
>    bogus activex site, oh, and windowsupdate. But I don't use
>    it otherwise. I always use Firefox.
>
>    URLs that caused this include: mapblast, mapquest, abc, def
>    ... through xyz.
>
>    Please note: I had typed "mapblast" but had hit Enter rather
>    than Ctrl-Enter, by mistake. The URLs entered are literally
>    those listed, just the word.
>
>    They are then transformed to http://mapblast/

Check this:
http://tinyurl.com/2y76v

hth a little,

Chris Santerre 
System Admin and SARE Ninja
http://www.rulesemporium.com
http://www.surbl.org
'It is not the strongest of the species that survives,
not the most intelligent, but the one most responsive to change.'
Charles Darwin 

---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off 
any course! All of our class sizes are guaranteed to be 10 students or less 
to facilitate one-on-one interaction with one of our expert instructors. 
Attend a course taught by an expert instructor with years of in-the-field 
pen testing experience in our state of the art hacking lab. Master the skills 
of an Ethical Hacker to better assess the security of your organization. 
Visit us at: 
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------