Slashdot Mirror


Spam Opt-out Link Triggers Malicious Code Attack

Maestro4k writes "The Register is reporting on a new spam e-mail circulating out there. In it, clicking on the 'Click here to remove' link launches a site that, when the user scrolls the page, triggers a drag-drop JavaScript exploit. Scarily, the e-mail actually complies with the CAN-SPAM Act, as it only requires spammers to put an opt-out link in their mailings. As The Reg says "It comes as little surprise that this feature has been taken advantage of in a social engineering exploit; but it does illustrate the security problems of the opt-out approach that were always apparent to security experts - and ignored by legislators." The link in question points to www. xcelent.biz (As in The Reg story, space intentionally included) so even if you can't block the mail yet it should be easy to block access to the site with the exploit. I suspect this is just the beginning and most spam will include "features" such as this in the near future."

15 of 327 comments

  1. Microsoft says "No Problem" by Anonymous Coward · · Score: 5, Funny
    Don't worry, this isn't a real problem:
    "Given the significant amount of user action required to execute an attack, Microsoft does not consider this to be a high risk for customers," a company representative said, adding that the software giant's security experts are continuing to research the issue.

    I mean, using a scrollbar. Come on, what kind of ignorant user is going to use a scrollbar on a site they don't trust? ;-)
    1. Re:Microsoft says "No Problem" by fymidos · · Score: 2, Funny

      oh, come on now, it was just a typo, what they meant was that it is not a high risk for MS *intellimouse* customers.

      --
      Washington bullets will simply be known as the "Bulle
  2. Greeting from Malaysia by politicsie04 · · Score: 5, Funny

    Whois says that the website is operated by Anandan Krishan from Malaysia, so let's all send him an email, win2save@yahoo.com , complaining that he has discriminated against Firefox and Linux users of his website, and that in future he should have a more inclusive virus.

  3. Dumb by sl8r · · Score: 5, Funny
    Also, the programmer seems to have had fun writing the javascript on that xcelent.biz page. From the source:
    // probably the dumbest scrollbar emulation on this planet ;)
  4. Useful slashdotting!! by Evan Meakyl · · Score: 4, Funny

    The link in question points to www. xcelent.biz (As in The Reg story, space intentionally included)

    There should be a real link, in order to /. it!!!

  5. Re:Why is the site still up? by gorbachev · · Score: 5, Funny

    Two possible reasons:

    1. Law enforcement agencies asked to keep it up

    2. Hinet Taiwan doesn't give a shit

    I'm betting on option #2.

    --
    In Soviet Russia, I ruled you
  6. Re:Another good reason... by Anonymous Coward · · Score: 4, Funny

    ..to get SpamAssassin.

    No. A good reason to hire a Spammer Assassin, perhaps.

    Violent, painful death is, after all, the only thing these sleazeballs fear.

  7. well then... by Anonymous Coward · · Score: 1, Funny

    ... time to send one of these babies to each legislator....

  8. send it to the MCSE boys by codepunk · · Score: 3, Funny

    I just sent a link to that to the MCSE slags at work. How long till they figure out they just got owned?

    --
    Got Code?
  9. Re:interesting ports on the spammer's site by TCM · · Score: 2, Funny

    That link is for 3.1. Stupid AC must have confused 3.5 with 2.5.

    That AC is not me.

    *runs*

    --
    Of course it runs NetBSD. BTC: 1NT7QvbetmANwaMzhpVL6
  10. The Final Solution to Spam by cryptochrome · · Score: 2, Funny

    Flash Lynch Mobs.

    --

    ---If you can't trust a nerd, who can you trust?

  11. Re:Use your powers for good by ElNeo · · Score: 5, Funny

    Like this nice link?
    (click link below to show link...)

  12. Good thing I use Macs and Linux then... by Cybertect · · Score: 2, Funny

    I don't have to worry about Windows viruses *and* fake scroll-bars will stick out like sore thumbs :)

  13. Re:interesting ports on the spammer's site by ravydavygravy · · Score: 4, Funny
    Heh - this is what it looked like a few minutes ago...
    mysql> use test;
    Database changed
    mysql> show tables;
    +----------------+
    | Tables_in_test |
    +----------------+
    | SPAMMERS_SUX0r |
    | w00t           |
    +----------------+
    2 rows in set (0.84 sec)
  14. Re:devious by Anonymous Coward · · Score: 1, Funny

    Just one more reason why Linux isn't ready for the desktop...

    oh wai