ANI - Friday afternoon

Hi folks,

Two interesting things have happened today.

First, is (and probably lots of people already know this, but ) that sometime in the last few days, it appears that the Taiwanese site for ASUS was hacked, and an iframe to an ANI inserted. Fortunately, the site where it was trying to download the exe from is now offline, but the iframe is still in the ASUS site, so one needs to be careful. It's now officially an Orphaned Lure.

Second is that I've now heard of a second target being phished by fax! The victim has to read the fax, and go type a URL into a browser. The URL has the same version of the exploit package that I wrote about a few days ago in association with the Britney Spears spam run... an ANI, a SetSlice, a winzip, a quicktime, an MS06-042, and a VML. It's a bit like a Moron Virus (that's where you have to copy the virus onto each file yourself, because the virus writer was too dumb to do it programatically)

Cheers

Roger