Date: 18 September 2007
Two more small runs have been seen since the initial alert was raised
on 12 September 2007.
We saw one on the 14th September and the other on the 17th September. We
only saw three new sites in total across the two runs.
The sites linked in the emails include the following
(URLs modified to prevent accidentally visiting the malicious pages):
hxxp :// cemoffice,com / fatherday,html
hxxp :// generationd,us / fatherday,html
These both link to the exploit site:
hxxp :// www,xstepstech,com /sp/
So far, the only subject line is:
Happy Father's Day
Here is an example of the email body.
--- BEGIN EMAIL BODY TEXT ---
Hello, auscert@auscert.org.au!!!
Happy Father's Day. You're The Greatest
hxxp :// generationd,us / fatherday,html
For all the times you were there reminding me that life
and friends are wonderful. Thank You
--- END EMAIL BODY TEXT ---
If you have any of these emails we would be keen to see the ones with
new websites other than those above.
Best Regards
Zane
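A mail-filter check for the indicators listed above, added here as an example and not part of the original alert. It reads the alert's defanged notation (hxxp, spaces around "://", commas for dots) and flags a message whose subject or link hosts match. The function names, the constructed sample message and the exact-host matching are assumptions of this example.

```python
import re
from email import message_from_string
from urllib.parse import urlsplit

# Indicators copied from the alert, kept in its own defanged notation.
ALERT_URLS = [
    "hxxp :// cemoffice,com / fatherday,html",
    "hxxp :// generationd,us / fatherday,html",
    "hxxp :// www,xstepstech,com /sp/",
]
ALERT_SUBJECT = "happy father's day"

# Captures the host part of live (http) and defanged (hxxp) links.
AUTHORITY_RE = re.compile(r"h(?:tt|xx)ps?[ \t]*://[ \t]*([^\s/]+)", re.I)

def hosts_in(text):
    """Return lower-cased hostnames of every live or defanged link in text."""
    hosts = set()
    for authority in AUTHORITY_RE.findall(text):
        try:
            # The alert writes dots as commas; urlsplit drops any port/userinfo.
            host = urlsplit("http://" + authority.replace(",", ".")).hostname
        except ValueError:
            continue  # malformed authority, e.g. an unbalanced bracket
        if host:
            hosts.add(host.rstrip("."))
    return hosts

BAD_HOSTS = hosts_in("\n".join(ALERT_URLS))

def check_message(raw):
    """Compare a raw RFC 5322 message with the alert's subject and hosts."""
    msg = message_from_string(raw)
    subject = (msg["Subject"] or "").strip().lower()
    body = msg.get_payload()
    body = body if isinstance(body, str) else raw  # multipart: scan raw text
    return {
        "subject_match": subject == ALERT_SUBJECT,
        "hosts": sorted(hosts_in(body) & BAD_HOSTS),
    }

# Constructed sample modelled on the body quoted above (link kept defanged).
SAMPLE = (
    "Subject: Happy Father's Day\n"
    "\n"
    "Happy Father's Day. You're The Greatest\n"
    "hxxp :// generationd,us / fatherday,html\n"
)
```

Bodies sent as base64 or quoted-printable are not decoded here; decode them before calling hosts_in.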