[funsec] Viral Video - Redneck Videos

Hubbard, Dan dhubbard at websense.com
Thu Mar 15 22:10:23 CDT 2007

Not only is the lure subject: "Viral Video" but  the function name in their javascript is 'function makemelaugh". 

This is a follow up post on our alert we added earlier today (see: http://www.websense.com/securitylabs/alerts/alert.php?AlertID=751 <http://www.websense.com/securitylabs/alerts/alert.php?AlertID=751> ). We have since discovered a different SPAM run that is using the same sites but with a different lure on a different compromised site. This version's lure is written in English, not German, and poses as website that hosts video on the web. In particular it lures users to view something called the "Redneck Slingshot". One piece of irony is the subject of the SPAM lure is "must see viral video".

Assuming users click on the link they are redirected to a site which is hosted in the United States, and was up at the time of this entry. The site appears to also have been compromised and is pointing to the same site that our previous alert outlined (see: http://www.websense.com/securitylabs/alerts/alert.php?AlertID=751 <http://www.websense.com/securitylabs/alerts/alert.php?AlertID=751> ))


-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://linuxbox.org/pipermail/funsec/attachments/20070315/74ccd9d7/attachment.html

More information about the funsec mailing list