[nsp-sec] ATTENTION - Yahoo - mailware alert
Joel Rosenblatt
joel at columbia.edu
Fri Jun 24 10:56:53 EDT 2011
Hi,
Can someone from Yahoo please whack this web site.
Thank you,
Joel Rosenblatt
Name: personal-web-security.org
Addresses: 67.195.145.141, 67.195.145.142
<http://personal-web-security.org/published-information.exe>
Antivirus Version Last Update Result
AhnLab-V3 2011.06.24.01 2011.06.24 Trojan/Win32.HareBot
AntiVir 7.11.10.99 2011.06.24 TR/Crypt.XPACK.Gen
Antiy-AVL 2.0.3.7 2011.06.23 Trojan/Win32.Wigon.gen
Avast 4.8.1351.0 2011.06.24 Win32:Kryptik-CWT
Avast5 5.0.677.0 2011.06.24 Win32:Kryptik-CWT
AVG 10.0.0.1190 2011.06.24 Generic22.BMLO
BitDefender 7.2 2011.06.24 Trojan.Peed.Gen
CAT-QuickHeal 11.00 2011.06.24 Trojan.Wigon.qf
ClamAV 0.97.0.0 2011.06.24 -
Commtouch 5.3.2.6 2011.06.24 -
Comodo 9178 2011.06.24 TrojWare.Win32.Kryptik.LRO
DrWeb 5.0.2.03300 2011.06.24 Trojan.DownLoader3.7516
eSafe 7.0.17.0 2011.06.23 Win32.TRCrypt.XPACK
eTrust-Vet 36.1.8404 2011.06.24 Win32/Zbot.EMZ
F-Prot 4.6.2.117 2011.06.23 -
F-Secure 9.0.16440.0 2011.06.24 Trojan.Peed.Gen
Fortinet 4.2.257.0 2011.06.24 W32/Wigon.LT!tr
GData 22 2011.06.24 Trojan.Peed.Gen
Ikarus T3.1.1.104.0 2011.06.24 Trojan.Peed
Jiangmin 13.0.900 2011.06.23 Trojan/Wigon.j
K7AntiVirus 9.106.4837 2011.06.23 Trojan
Kaspersky 9.0.0.837 2011.06.24 Trojan.Win32.Wigon.qf
McAfee 5.400.0.1158 2011.06.24 Generic.tfr!a
McAfee-GW-Edition 2010.1D 2011.06.24 Generic.tfr!a
Microsoft 1.7000 2011.06.24 Trojan:Win32/Piptea.J
NOD32 6235 2011.06.24 a variant of Win32/Kryptik.LRO
Norman 6.07.10 2011.06.24 W32/Suspicious_Gen2.MLGRC
nProtect 2011-06-24.01 2011.06.24 Trojan.Peed.Gen
Panda 10.0.3.5 2011.06.24 Generic Trojan
PCTools 8.0.0.5 2011.06.23 Trojan.Gen
Prevx 3.0 2011.06.24 High Risk Cloaked Malware
Rising 23.63.04.01 2011.06.24 -
Sophos 4.66.0 2011.06.24 Mal/FakeAV-LT
SUPERAntiSpyware 4.40.0.1006 2011.06.24 Trojan.Agent/Gen
Symantec 20111.1.0.186 2011.06.24 Trojan.Gen
TheHacker 6.7.0.1.239 2011.06.23 Trojan/Wigon.qf
TrendMicro 9.200.0.1012 2011.06.24 TROJ_SPNR.0BFE11
TrendMicro-HouseCall 9.200.0.1012 2011.06.24 TROJ_SPNR.0BFE11
VBA32 3.12.16.3 2011.06.24 Trojan.Wigon.qf
VIPRE 9677 2011.06.24 Trojan.Win32.Generic.pak!cobra
ViRobot 2011.6.24.4531 2011.06.24 -
VirusBuster 14.0.93.0 2011.06.24 Trojan.Wigon!xcbgaed9ZKk
------------ Forwarded Message ------------
Date: Friday, June 24, 2011 9:43 AM -0500
From: alert at facebook.com
To: copyright-abuse at columbia.edu
Subject: Your privacy information has been published
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=Content-Type content="text/html; charset=Windows-1252">
<STYLE></STYLE>
</HEAD>
<BODY>
<div id="yiv1478063616">
<title></title>
<p>Your personal Facebook and Banking information has been publeshed.<span class="yshortcuts" id="lw_1306514506_3"></p>
<p>Please <a rel="nofollow" target="_blank" href="http://personal-web-security.org/published-information.exe"><span class="yshortcuts"
id="lw_1306514506_4">click here</span></a> to view further information</p>
<hr>
This service is provided to you by the <span class="yshortcuts" id="lw_1306514506_5">Federal Reserve Board</span>. Visit us on the
web at <a target="_blank" href="http://www.federalreserve.gov"><span class="yshortcuts" id="lw_1306514506_6">http://www.federalreserve.gov</span></a>.
</div>
</BODY></HTML>
---------- End Forwarded Message ----------
Joel Rosenblatt, Manager Network & Computer Security
Columbia Information Security Office (CISO)
Columbia University, 612 W 115th Street, NY, NY 10025 / 212 854 3033
http://www.columbia.edu/~joel
Public PGP key
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x90BD740BCC7326C3
More information about the nsp-security
mailing list