![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg49e-BGGTx-Z7zR-vzUgNP3RzUG2wy7q5Ht1rG1HJw38W93kVKf1TldwjDD9M7sG_ksJJYucNk3NKUYgEr2vKbVg7cPHQUhPsYJbdWyta6qcfAmFX4xJz7uoFywLTJUAlTvlYITQfTwM0/s200/Waterproof_IR_Security_Camera.jpg)
My
101st post - wow! Anyway, it seems like (mirc) script kiddies have decided to play with
IPv6 from now on:
Free4U!~dfgdgd@ACA67BD9.ipt.aol.com MSG!#romania
Just Free!!! http://1050180165/horde/config/update/www.microsoft.com/vista/download/filename(where filename = update-vista.scr)
![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj1VCcKS3H7SXVzt6Vp_Lq4XoiQEFhQOhs1SjQ5o9EfT-UZl77uyiyK_Kp625J9wf0cv5JwF22B0Boda3u17p5izGQlwP9fGZ9jqw2qo__OSaa1Fcj-9G5x5BKbjvufg6pi_DHoimUhRMs/s200/VirusTotal+-+Free+Online+Virus+and+Malware+Scan+-+Result_1188405986343.png)
Notice the "
1050180165". The IP is the new shiny
IPv6 (click to read more about it on Wikipedia). The file is a trojan mirc script, allowing the controller to do whatever he wants with your PC. Imposing as a "microsoft vista update", the controller will probably have several hits. Fortunately, it's detected as Parite.B by most antivirus vendors, as tested in Virustotal.
The IPv6 will be a problem to be detected by some IRC channel protection scripts. Thankfully, without the
http:// part, it is not clickable, therefore not easy for the newcomers to copy&paste.
No comments:
Post a Comment