While checking my email yesterday at Hotmail I got an email from a nicole smith. The email was an attachment of what appeared to be a valid jpg file: "nicole256.jpg". When I put my mouse on the image I noticed the link on the status bar was not to the "nicole256.jpg" file but instead to another site "hxxp://18.104.22.168/pics/nicole256.php". needless to say, it was a spoofed link to an "exe" file. I downloaded the file and scanned it with avp kav 7.0 with the very latest definitions and it found nothing. Nope, not even as suspicious. I have included 3 screenshots: what appeared as a suspicious string of the source code of the hotmail page and 2 screen captures of the scan from virus total, several scanners did register it as malware and a couple as suspicious. Is this a new technique/method of infecting? For a long time now, hotmail had always restricted almost all attachments but this one seemed to get by with no problem.
Some MySpace profiles hit with a Web attack
Posted by Robert Vamosi
At some point within the last week, some MySpace user pages were seeded with malicious computer code. The malicious code seeks to exploit Microsoft Windows and Internet Explorer using recently patched security holes. The hope is that you haven't patched your computer yet. If you're a MySpace visitor and you visit one of the infected pages, you'll be redirected to a fake MySpace log-in page aiming to steal the visitor's MySpace user name and password. The attack employs phishing and drive-by download techniques.