|
Posted by Fitz on August 11, 2006, 11:03 pm
If you were Registered and logged in, you could reply and use other advanced thread options
Thanks for the info Dave.
***
>I don't know how many of you know about this one.
>
> I have been seeing a rise in a new way to get you infected with malware.
> It actually isn't
> too new. It is almost two years old. However its use is rising and may
> become more
> prevelant in the coming months.
>
> Here's the deal.
>
> I am seeing new Social Engineering posts in the alt.binaries.* News
> Groups.
> Instead of directly attaching malware, thes posts are exploiting the
> Windows Media Player
> DRM.
>
> Being posted are WMV files with such names as...
>
> Anna Kournikova Calendar Shoot 2005.wmv
> Charlize Theron And Penelope Cruz Kiss.wmv
> Christina Aguilera Showing Off.wmv
> Courtney Cox Lingerie.wmv
> Debra Messing Covered Up.wmv
> Drew Barrymore Braless.wmv
> Keira Knightly Lap Dance.wmv
> Melyssa Ford in Lingerie.wmv
>
> When you play the WMV files you have to agree to a EULA and when you click
> on "Play Now" it
> will download SETUP.EXE from static.zangocash.com the EXE is a malware
> installer for
> Zango/180Solutions.
>
> The SETUP.EXE file is fairly well recognized such as;
> Ewido: Adware.180Solutions and
> Kaspersky: not-a-virus:AdWare.Win32.180Solutions.as
>
> The WMVs are not so well recognized but here is a sampling...
>
> AntiVir -- EXP/WMV.A.1 , EXP/WMV.A.2
> AVG -- Downloader.Wimad.B
> BitDefender -- Trojan.Wimad.A
> Ewido -- Downloader.Wimad.h
> Fortinet -- W32/WIMAD.C!tr
> Ikarus -- Trojan-Downloader.WMA.Wimad.h
> Kaspersky -- Trojan-Downloader.WMA.Wimad.h
> UNA -- TrojanDownloader.WMA.Wimad.D7FF
>
>
> Some of these WMVs are too large to submit as their sizes surpass the
> maximum submission
> size set by the anti malware vendors.
>
> --
> Dave
> http://www.claymania.com/removal-trojan-adware.html
> http://www.ik-cs.com/got-a-virus.htm
>
>
| 
Yahoo! 
Google 
Windows Live 
del.icio.us 
digg 
Netscape 
XML site map