08 July 2008

WHAT NEXT? - imagedino.info MSN SPIM

Please change your password if you entered your user name and password into the imagedino.info website.

I have been following the imagedino.info saga since yesterday when I received a link to the site from a contact. Ever since then I have been trying to figure out what the point of this "attack" was. It seems pretty harmless and it also seems to be a rather basic attack, but I did some digging and found this article from Trend that seems to be rather similar form of attack.

The article indicates that once you have entered your user name and password into the form your login details are sent to an email box. The owner of that email box can then use your email account to send out spam mails or malware. This is obviously not a good thing, as it will annoy the daylights out of all your friends and possible infect their machines if your account is used to send out malware!

imagedino.info has Google Analytics
I noticed that if you view the source of the page it has Google Analytics embedded in it! What on earth are these guys doing? Is it some security research project by some students that got into the wild?




Get Firefox 3 to block
Also note that Mozilla Firefox 3 now blocks that domain. I would recommend that if you are using internet explorer rather upgrade to Firefox 3. It has some really good security features that block websites like these once they are identified. This is very usefull if you expect someone else to use your computer that also uses MSN. It will prevent them from being part of this whole attack.



What is SPIM?
I noticed that a lot of people where referring to the messages sent as SPIM. according to wiktionary.org : "SPIM is Unsolicited commercial messages sent via an instant messaging system"

No comments: