Slashdot Mirror

← Back to Stories (view on slashdot.org)

BBC Site Used as IE Attack Lure

Posted by ryuzaki0 on from the reads-good-enough-to-be-true dept.

capt turnpike writes "The hits just keep coming... according to eWEEK.com, someone is using actual excerpts of BBC news stories to 'launch drive-by downloads of bots, spyware, back doors and other Trojan downloaders.' One example is a story blurb masking the download and installation of a keylogger -- with no user interaction. And it doesn't even tell you it loves you."

19 of 83 comments (clear)

  1. Now I'm worried.... by Black+Copter+Control · · Score: 4, Funny
    From TFA:
    Click here to read more about drive-by attacks on the Internet Explorer vulnerability.
    And if I click there, just what do I get?

    (Times like this I'm glad that I use linux ... Until, of course, the next zero-day firefox hole, at which point I'll switch to konqueror or..).

    --
    OS Software is like love: The best way to make it grow is to give it away.
    1. Re:Now I'm worried.... by the-amazing-blob · · Score: 5, Funny
      And if I click there, just what do I get?
      I don't understand why everyone is so afraid of these things. They monitor us, keep track of us. The kind of thing a girlfriend would do if we had one. Think of keyloggers and the like as your new Girlfriend (beta 0.2, results may vary)
    2. Re:Now I'm worried.... by Mal-2 · · Score: 3, Funny

      > Think of keyloggers and the like as your new Girlfriend (beta 0.2, results may vary)

      I'm worried about the child processes that will be spawned...

      Mal-2

      --
      How is the Riemann zeta function like Trump rallies? Both have an endless number of trivial zeros.
  2. Re:Erm, why is this a story? by bersl2 · · Score: 2, Funny

    They need to do it using eWeek.

  3. Re:Erm, why is this a story? by i_should_be_working · · Score: 4, Funny

    Maybe slashdot will be spoofed next. That will be a story. That could be the story. Emails that read:

    "Tech website Slashdot article links to vulnerability exploiting websites. Read more here"

    And whoever submits it to /. won't even have to rephrase it.

  4. WOW! by jav1231 · · Score: 4, Funny

    An IE vulnerability! That's news!

  5. Fake URLS Suck! by Giant+Ape+Skeleton · · Score: 5, Funny

    According to This article, using bogus URL's to trick people is still the most effective social engineering trick in the book. Of course, that may not apply to those in the Slashdot community :p

    --
    The difference between stupidity and genius is that genius has its limits.
    1. Re:Fake URLS Suck! by MBCook · · Score: 5, Funny
      I clicked your link.

      It's an apache configuration page!
      I'M BEING HACKED!

      AAAAAAaaaaahhhhhh......

      I'd better call the FBI!

      --
      Comment forecast: Bits of genius surrounded by a sea of mediocrity.
    2. Re:Fake URLS Suck! by Anonymous Coward · · Score: 3, Funny

      woah, whoever maintains that site is one sick f*cker.

    3. Re:Fake URLS Suck! by jftitan · · Score: 3, Funny

      Tech Support : I'm sorry sir, but Apache is the name for the webserver software used to run your webpage.

      you:..... AHHHHHHHHHH

      Tech Support: You go right ahead and call the FBI and Police, I'll be sure to let them know about everything, right after I shoot off our transcribed converation to your local news agency.

      you: (what you say, next will make an interesting conversation)

      --
      "Don't Forget to Salt the Fries"
    4. Re:Fake URLS Suck! by Anonymous Coward · · Score: 1, Funny

      If you want to print the story just use this link.

    5. Re:Fake URLS Suck! by Trogre · · Score: 2, Funny

      It's a known spammer's site.

      Better DDOS the bugger before it hurts anyone else.

      --
      "Nine times out of ten, starting a fire is not the best way to solve the problem." - my wife
    6. Re:Fake URLS Suck! by Doppleganger · · Score: 2, Funny

      Hey... that idiot uses the same root password I do! He's got loads of MP3s and warez here, I'm gonna download 'em all and then format his drive before he knows what hit him!

  6. Re: Erm, why is this a story? by Black+Parrot · · Score: 4, Funny

    > If they do it again tomorrow with text from nytimes.com would that be another story?

    And will it be safe to read about it at BBC?

    --
    Sheesh, evil *and* a jerk. -- Jade
  7. Re:How is this news? by TommyBlack · · Score: 4, Funny
    WOW! It's not like they took over the BBC site and used it.
    No, of course not. I'm the one who did that.

    Click here to read an interesting BBC story about it
    --
    Why do my serious comments get modded "funny"?
  8. My SITE HAS BEEN HIJACKED by Billly+Gates · · Score: 4, Funny

    MY name is James Taylor and I clicked on your link and then the web went down all by itself!

    It was taking over by a hostile native american terrorist organization called apache running on Gentoo gnu/linux. Damit hacker! I need to call the FBI over and sue you for this.

    --
    http://saveie6.com/
  9. Re:Erm, why is this a story? by Firehed · · Score: 5, Funny

    Wouldn't this end up creating some sort of infinate dupe-loop and tear the fabric of space-time?

    --
    How are sites slashdotted when nobody reads TFAs?
  10. Re:Erm, why is this a story? by richdun · · Score: 4, Funny

    Possibly. It'd be the first exploit that required soul-sucking registration to activate it.

  11. Re:How is this news? by Anonymous Coward · · Score: 0, Funny

    WARNING: parent is a bit slow in the head