Spamvertised Client-Side Exploits Serving Adult Content Themed Campaign

May 28, 2010

There's no such thing as free porn, unless there are client-side exploits in the unique value proposition's mix.

A currently spamvertised campaign is doing exactly the same, in between relying on the recent CVE-2010-0886 vulnerability. Let's dissect the campaign, and combine the assessment with historical OSINT data, given the fact that the 2nd phone back location, including the binary hosted there are currently down.

Key summary point: although the exploitation is taking place, the campaign is currently failing to drop actual binary, returning NOEXEFILE error message. The post will be updated once the situation changes.

a

This post has been reproduced from Dancho Danchev's blog. Follow him on Twitter.

About Dancho Danchev

Independent Security Consultancy, Threat Intelligence Analysis (OSINT/Cyber Counter Intelligence) and Competitive Intelligence research on demand. Insightful, unbiased, and client-tailored assessments, neatly communicated in the form of interactive reports - because anticipating the emerging threatscape is what shapes the big picture at the end of the day. Approach me at dancho.danchev@hush.com

Dancho Danchev's Blog - Mind Streams of Information Security Knowledge

Spamvertised Client-Side Exploits Serving Adult Content Themed Campaign

About Dancho Danchev

0 Comments:

RSS Feed

Search This Blog

About Me

Blog Archive

Tags

Popular Posts