[Dshield] Is this site a wmf attack?
ptds at majordomo.thedacare.org
Thu Feb 23 05:17:56 GMT 2006
On Wed, 22 Feb 2006, Wes S wrote:
> I was looking for reviews on the palm T|X via google and when I
> clicked on this site, my virus scanner (etrust) got uppity about a
> virus exploit. The site seems to be trying to send me a wmf file.
> I rot13'd the link:
As a matter of fact, it does. When the site is searched from google some
and the strings inside that file point to
I complained to the quality feedback on google as I understand that they
frown upon sites that give different content if the referrer is google
than if it is not, and virus turds are certainly different content.
There seem to be a lot of these popping up lately.
Yours is chinese, here is a russian one:
More information about the list