Email Lures for ANI Zero Day

Websense Security Labs has discovered a large email spam run that includes links to sites that are hosting ANI exploit code. Users receive an email with the subject line "Hot Pictures of Britiney Speers" that is written in HTML and has anti-spam avoidance text within the HTML comments.

Users who click on the links are redirected to one of several websites that we are tracking. The sites contain obfuscated JavaScript. The decoded JavaScript sends all users to the same website, which is hosting the exploit code. WebsenseŽ - Security Labs Alert: Email Lures for ANI Zero-Day

Linked by shanmuga Tuesday, 10th April 2007 1:46AM