[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <EEPJIMGFPCJDNEAA@mailcity.com>
From: secsquirrel at lycos.com (security squirrel)
Subject: Xmas virus on the cards ?
Hi all -
I noticed this article at http://www.vnunet.com/News/1151553 and it looks alarming - however did not find any more details.
If I understand well an HTML file is renamed to JPG and attached to an email. However I did not manage to reproduce this.
This is my summary of the article:
1. xmas card emails to LEAD to innocent images which are not images but have viruses
2. Mail Filtering systems should handle images just like HTML files + educate
3. ISS reports that this was on a hacker mailing list
4. techniques to bypass firewalls by MISLABELLING html files as JPGs
5. Steven Darrall is a senior consultant at ISS X-Force Security Assessment Services
6. The problem is caused by Microsoft's Internet Explorer (IE) web browser automatically opening files labelled with .jpg or .gif extensions.
7. Hackers have posted a proof-of-concept file in which the content was a script that caused the browser to download and install a virus according to Darrall
8. The site serving the virus has since been shut down
Is the image and attachment or is it simply a link to a .jpg file on an HTTP server? Did anyone manage to reproduce this or can point to the original post on the "hacker mailing list" which describes this?
- Sec-Squirrel :)
____________________________________________________________
Free Poetry Contest. Win $10,000. Submit your poem @ Poetry.com!
http://ad.doubleclick.net/clk;6750922;3807821;l?http://www.poetry.com/contest/contest.asp?Suite=A59101
Powered by blists - more mailing lists