“What harm can an HTML file do?
The answer is ‘plenty’.”
“Attracting attention by latching on to the latest breaking news is a technique that attackers have been using for quite some time. In fact, several examples of SEO poisoning and search malware are explored throughout barracudalabs.com and this blog. Google hot topic search results frequently are littered with links to hacked sites that serve up malicious JavaScript. Now, the attackers are taking that a step further and not requiring the user to come to their hacked sites but rather simply emailing the same malicious JavaScript sites straight to an inbox.”
“These emails are presented as something just innocent enough that a user might allow curiosity to overrule caution and click “open”. However, once that happens, the HTMLs suddenly don’t seem so harmless.”
Opened in a browser window, this JavaScript sends the browser to a variety of destinations depending on the spammer
.
Read the article at
No comments:
Post a Comment