bubu2005 Posted February 2, 2012 Report Share Posted February 2, 2012 Utilizatorul nu este avertizat cu ceea ce se intampla, singurul mesaj care apare fiind “se incarca” (loading). E-mail-ul descarca automat in computer virusul, in momentul in care utilizatorul da click pentru a-l deschide.A picat un mit. Virusul care se instaleaza fara sa stii si fara sa deschizi un fiser atasatSursa pro tv Quote Link to comment Share on other sites More sharing options...
gaabytzu Posted February 2, 2012 Report Share Posted February 2, 2012 Interesant. Quote Link to comment Share on other sites More sharing options...
Silviu Posted February 2, 2012 Report Share Posted February 2, 2012 Java Drive By? Quote Link to comment Share on other sites More sharing options...
pyth0n3 Posted February 2, 2012 Report Share Posted February 2, 2012 (edited) Nici macar nu cred ca reuseste sa execute codul de download la mine in calculator , Bafta celor care sau nascut in windows ! Azi gasesti un antidot , maine iese un virus si te pui iar la munca sa cauti un antidot Partea buna e doar pentru cei care fac software development si vin platiti din buzunarele userilor care sunt doar beta testeri e ca si cum toti ar rula in filmul Resident Evil.Mie imi place istoria cu virusul deoarece o sa dureze la infinit .Urez virus development usor tuturor celor care se ocupa de asa ceva. Edited February 2, 2012 by pyth0n3 Quote Link to comment Share on other sites More sharing options...
MazaBoY Posted February 2, 2012 Report Share Posted February 2, 2012 (edited) Si totusi cred ca e o stire inflorita de astia de la protv pana mea ....Edit: Am gasit exact sursa de unde au luat stirea si ei http://www.eleven.de/press-release/items/warning-driveby-spam-infects-pcs-when-e-mail-is-opened.html nu stiu ce sa zic..se poate nu se poate.. Edited February 2, 2012 by MazaBoY Quote Link to comment Share on other sites More sharing options...
dansud2007 Posted February 2, 2012 Report Share Posted February 2, 2012 Si tot nu prea imi vine sa cred ...suna destul de ciudat ! Quote Link to comment Share on other sites More sharing options...
malsploit Posted February 2, 2012 Report Share Posted February 2, 2012 (edited) aproape orice exploatare a unei vulnerabilitati 0day, rezulta in ceea ce ati citit voi. Edited February 2, 2012 by hate.me Quote Link to comment Share on other sites More sharing options...
Starker Posted February 2, 2012 Report Share Posted February 2, 2012 Oricum nu stiu cine ar fi prost sa deschida email-uri care suna 100% a spam gen ... castiga 1000 de euro pe saptamana sau ceva viagra cu extracte de cauciuc... ma rog... tine de prostia omului sa pice in plasa. Quote Link to comment Share on other sites More sharing options...
root_prime Posted February 2, 2012 Report Share Posted February 2, 2012 emailuri citite in sandbox sau de pe vm, alternativ cu citite cu hips activat setat la maxim si o sa intrebe ceara aprobare la orice se incarca in memorie sau se lanseaza prin intermediul altei aplicatii(browser), problem solved Quote Link to comment Share on other sites More sharing options...
Nytro Posted February 3, 2012 Report Share Posted February 3, 2012 Deci e o problema de Outlook sau de Browser? Ce vor sa zica, ca o sa ma infecteze fie ca folosesc Outlook, Thunderbird, Firefox sau Chrome? Quote Link to comment Share on other sites More sharing options...
100 Posted February 3, 2012 Report Share Posted February 3, 2012 bine ma dar mai sunt si activx`urile alea care il incasezi direct de pe pagina... Quote Link to comment Share on other sites More sharing options...
Scorpionadi Posted February 3, 2012 Report Share Posted February 3, 2012 si mie mi se pare cam greu de crezut, dar astept mai multe informatii sa vedem cum sta treaba, sunt chiar curios Quote Link to comment Share on other sites More sharing options...
the wolf Posted February 3, 2012 Report Share Posted February 3, 2012 Thunderbird nu ruleaza JavaScript fara consintamantul userului. Asa ca e numai pe jumate adevarat, pentru ca se pare ca Outlook da, oricum imaginea din articol era cu Thunderbird asa ca no way. Quote Link to comment Share on other sites More sharing options...
BlackJokerKode Posted February 3, 2012 Report Share Posted February 3, 2012 Nu cred ca e posibil asa ceva,suna cam prea tras de par. Quote Link to comment Share on other sites More sharing options...
AhEaD Posted February 3, 2012 Report Share Posted February 3, 2012 Si acum sa revenim pe pamant.Ca sa fie adevarat ceea ce scrie in 3 randuri in primul post trebuie sa luam in calcul mai multi factori.In primul si cel mai importand, adresa de mail.Ca sa se execute orice fel de cod la deschiderea mesajlui e nevoie de CSRF ( Cross-site request forgery - Wikipedia, the free encyclopedia ) in e-mail`ul respectiv. Cat despre yahoo, nu mai exista de prin 2001 ( ce distractie maxima a fost atunci, CHEERS PENTRU CINE TINE MINTE ).Probabil e vorba despre un e-mail provider ratat gen mail.com care acum o saptamana inca aveau csrf in body si despre un js facut cum trebuie.Astea fiind spuse chiar astept stirea care sa ma contrazica. Quote Link to comment Share on other sites More sharing options...
robelrock Posted February 3, 2012 Report Share Posted February 3, 2012 Java Drive By?silent java driveby Quote Link to comment Share on other sites More sharing options...
Pugna Posted February 4, 2012 Report Share Posted February 4, 2012 Ca drive-by-ul sa poata fi incarcat atunci cand se deschide mail-ul, e nevoie de un JS care sa faca document.write la un iframe ori direct la applet. Deci au XSS in pagina de vizualizare a mail-urilor. Quote Link to comment Share on other sites More sharing options...
Nytro Posted February 4, 2012 Report Share Posted February 4, 2012 Si Java? Nici nu cred ca am instalat, iar daca am, oricum il am Disabled in Firefox. Quote Link to comment Share on other sites More sharing options...
daatdraqq Posted February 4, 2012 Report Share Posted February 4, 2012 Bullshit . Quote Link to comment Share on other sites More sharing options...