Ironworks Gaming Forum

Ironworks Gaming Forum (http://www.ironworksforum.com/forum/index.php)
-   General Conversation Archives (11/2000 - 01/2005) (http://www.ironworksforum.com/forum/forumdisplay.php?f=28)
-   -   * virus * (http://www.ironworksforum.com/forum/showthread.php?t=82187)

*\Conan/* 10-29-2002 07:01 AM
E-card Sneakware Delivers Web Porn

A Trojan horse program created by an Internet adult entertainment company routes surfers to racy sites.
By Kevin Poulsen, Oct 21 2002 12:08AM

It's no coincidence that one of the most recent Trojan horse programs to enter the FBI's bi-weekly rogues gallery of malicious code is named after an Internet porn company.

The program, dubbed "Cytron" by the bureau's National Infrastructure Protection Center (NIPC)and some anti-virus vendors, is a covert browser plug-in that gives Internet Explorer users something they probably don't want: more pop-up ads, promoting a slew of adult websites.

Users are lured into accepting the program through a wholesome e-mail from egreetings@yahoo.com -- a forged return address. The mail looks convincingly like an electronic greeting card notification, with a cute smiley face background and the text "You have received an e-card" in squiggly block letters.

Clicking on the graphic of a cartoon hand holding an envelope takes the recipient to surprisecards.net, where the surprise is an "e-card viewer plug-in" that they have to accept to read the card. If the user accepts the ActiveX control, which is signed with a credibility-boosting digital certificate, Internet Explorer will begin selectively feeding them racy full-sized pop-up ads for adult websites, mostly operated by Canada-based Cytron Communications Ltd. They never do get a greeting card.

Small touches like the convincing domain name and the authentic digital certificate make the ruse smarter than the average covert adware delivery mechanism. "A lot of people see that it's an authentic certificate... and will just mindlessly click okay," says Jonathan Zdziarski, a Georgia software developer who was among the first to detect the spammy scam late last month after receiving one of the e-mails. "I can certainly see how your average doctor or oil change technician or anyone who's not in the technology field would fall for something like that."

The e-card porn Trojan is the latest advancement in an industry known for pushing the envelope.

"There some perfectly legitimate Internet porn operators, but it is a ruthlessly competitive industry that's constantly looking for new ways to get the click," says Jason Catlett, president of the anti-spam company Junkbusters. "They've always been at the leading edge of tactics, legitimate and illegitimate, for getting more traffic."

Watch out you guys!

Davros 10-29-2002 07:51 AM
Gasp - you mean to say there is porn - here on the world wide web??? [img]graemlins/crazyeyes.gif[/img]


All times are GMT -4. The time now is 06:46 AM.

Powered by vBulletin® Version 3.8.3
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
©2024 Ironworks Gaming & ©2024 The Great Escape Studios TM - All Rights Reserved