Wednesday, August 29, 2007

Security: script kiddies have switched to IPv6

My 101st post - wow! Anyway, it seems like (mIRC) script kiddies have decided to play with IPv6 from now on:



Free4U!~dfgdgd@ACA67BD9.ipt.aol.com MSG!#romania
Just Free!!! http://1050180165/horde/config/update/www.microsoft.com/vista/download/filename
(where filename = update-vista.scr)

Notice the "1050180165". The IP is the new shiny IPv6. The file is a trojan mIRC script that allows the controller to do whatever he wants with your PC. Posing as a "Microsoft Vista update", it will probably get the controller several hits. Fortunately, it's detected as Parite.B by most antivirus vendors, as tested on VirusTotal.

The IPv6 address will be hard for some IRC channel protection scripts to detect. Thankfully, without the http:// part, it is not clickable, and therefore not easy for newcomers to copy and paste.
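A check that a channel protection script could run on such links, as an added example that is not part of the original post: it flags URLs whose host is purely numeric and decodes it. It assumes, as common URL parsers do, that a bare integer host such as 1050180165 is read as one 32-bit IPv4 value; the function names and sample lines are constructed for illustration.

```python
import ipaddress
import re

# Constructed sample lines; the second reuses the numeric host from the quoted message.
SAMPLE_MESSAGES = [
    "hey, the docs are at http://www.example.org/faq.html",
    "Just Free!!! http://1050180165/path/file",
    "mirror: http://0x7f000001/file and http://192.0.2.10/file",
]

# Capture the host part of each http/https URL (stops at path, port, query, fragment).
URL_HOST = re.compile(r"https?://([^/\s:?#]+)", re.IGNORECASE)


def numeric_host_to_ipv4(host):
    """Return the dotted quad for a numeric host, or None for a host name."""
    try:
        if re.fullmatch(r"0x[0-9a-f]+", host, re.IGNORECASE):
            value = int(host, 16)            # single hexadecimal integer
        elif re.fullmatch(r"0[0-7]+", host):
            value = int(host, 8)             # single octal integer
        elif re.fullmatch(r"[0-9]+", host):
            value = int(host, 10)            # single decimal integer
        else:
            # Ordinary dotted quad, or a name (which raises and yields None).
            return str(ipaddress.IPv4Address(host))
        # Values above 2**32 - 1 raise and are treated as non-addresses.
        return str(ipaddress.IPv4Address(value))
    except ValueError:
        return None


def scan_message(text):
    """Return (host, dotted_quad, obfuscated) for every numeric URL host in text."""
    hits = []
    for host in URL_HOST.findall(text):
        dotted = numeric_host_to_ipv4(host)
        if dotted is not None:
            # obfuscated is True when the host was not written as a dotted quad
            hits.append((host, dotted, host != dotted))
    return hits


if __name__ == "__main__":
    for line in SAMPLE_MESSAGES:
        for host, dotted, obfuscated in scan_message(line):
            label = "OBFUSCATED" if obfuscated else "numeric"
            print(f"{label}: {host} -> {dotted}")
```

Mixed forms such as dotted hexadecimal or three-part addresses are not decoded here; a protection script would treat any URL host without a letter-bearing domain label as worth flagging.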
