| TIP: Click on subject to list as thread! | ANSI |
| echo: | |
|---|---|
| to: | |
| from: | |
| date: | |
| subject: | Re: Trojan Blues |
From: Ellen K. OK, stupid question department: How can a file with a JPG extension be seen by the machine as anything but a JPG? (Or is this the exploit?) On Sun, 1 Jan 2006 11:22:55 -0500, "Geo" wrote in message : >http://sunbeltblog.blogspot.com/2005/12/new-wmf-exploit-confirmed-in-spam.html > >In an email advisory I just received from McAfee AVERT labs a new version of >the WMF exploit using new Exploit-WMF code released today has been confimed >in spam attacks resulting in the installation of a new Backdoor-CEP variant. > >An email message containing the Exploit-WMF sample built from this new code >has been spammed. The message appears as follows: > > > Subject: Happy New Year > Body: picture of 2006 > Attachment: HappyNewYear.jpg (actually a WMF file with a .JPG extension) > > >The attachment causes a new BackDoor-CEP variant to be downloaded and run >from www.ritztours[dot]com. > --- BBBS/NT v4.01 Flag-5* Origin: Barktopia BBS Site http://HarborWebs.com:8081 (1:379/45) SEEN-BY: 633/267 270 5030/786 @PATH: 379/45 1 106/2000 633/267 |
|
| SOURCE: echomail via fidonet.ozzmosis.com | |
Email questions or comments to sysop@ipingthereforeiam.com
All parts of this website painstakingly hand-crafted in the U.S.A.!
IPTIA BBS/MUD/Terminal/Game Server List, © 2025 IPTIA Consulting™.