ihateyousomuch.com  -

Monday 27 Sep '04 - + 4 - 7 Slashdot | First JPEG Virus Posted To Usenet

http://it.slashdot.org/article.pl?sid=04/09/27/2319222&tid=172&tid=218 - Just a timely followup to my earlier post regarding this jpeg exploit. Look at a picture; and the exploit will:

Once this JPEG overflowed GDI+, it phoned home, connected to and ftp site and downloaded almost 2megs of stuff. It installs a trojan that installs itself as a service. It also installs radmin (radmin.com) running as 'r_server'. From the radmin.com site, "With Radmin you can work on a remote computer exactly as if you were right there at its keyboard."

Unless you are running linux; then don't worry about anything. Or a fully patched Windows system. Exploits like this; and more importantly; the programming and environment that allow them to exist; scare the bejesus out of me.

Shortcut to the details of the exploit: http://www.easynews.com/virus.txt

Name:			Remember personal info? Yes No
Email:
URL:
Comment:		Emoticons / Textile
I've turned this on to get rid of the bastard spammers. Sorry to all the valid posters. Ok Lorne? It is only valid on the older posts though, so maybe people won't really be bothered by it. For spam protection; please type the lowercase word 'rude'.     ( Register your username / Log in )
Notify: Yes, send me email when someone replies. Hide email: Yes, hide my email address.
Small print: All html tags except <b> and <i> will be removed from your comment. You can make links by just typing the url or mail-address.