spamassassin-blogspam mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "PHSDL" <ad...@phsdl.net>
Subject Zlob Troian Spam Domain Variants
Date Fri, 14 Dec 2007 10:58:11 GMT
I am aware of two Zlob Trojan redirect domains variants.

One is in the forum of an ActiveX that tries to install itself when a 
contaminated Website is opened in a Browser.
When using Northon Anti Viras it would crash the browser and self installed 
itself even if a user did not agree to installation. I do not know if this 
problem with Norton AV has been fixed.

But using NOD32 perevents automatic installation and allows a user to close 
the browser.

Variant two comes as a Java Cab that tries to install itself automatically 
but using Sun Microsystem Virtual Java Machine I can chose not to accept the 
installation.
http://www.java.com/en/index.jsp

There are different way that generates the attack. But all involve going to 
cantaminated site. One porn video site and click on porn video embeded 
pictures, another is just opening a url in a list of many URLs...

Thank you,
Igor Berger
PHSDL
Administrator 


Mime
View raw message