Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: Searching money, finding exploit SANS ISC InfoSec Forums

Watch ISC TV. Great for NOCs, SOCs and Living Rooms:

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Searching money, finding exploit
Every now and then, when using completely benign search terms in Google and others, the results that come out on top range from "not nice" to "outright hostile". We've received a report from a user who was looking for "money", and what he got presented with was a link to hxxp:// (dont click). The site is booby-trapped with an exploit variant of MS05-054 that is not yet detected by AV.  Conclusion: Careful what you click on. An URL returned by a search engine is not necessarily more trustworthy than one that you receive in a spam message that offers "che ap replcia wathces".

385 Posts
ISC Handler
Dec 28th 2005

Sign Up for Free or Log In to start participating in the conversation!