A New MSN Phishing ( Identity Theft ) Worm - ENG
[ A Rewrite of this post in english , due to the importance ]
A few days back , I received a nice gift via my Msn IM account, i got the following link :
http://myparties.piclooks.com/?<user> ( where <user> is the infected sender ). in that case i got it through MSN , so i dont tknow if any other IM is compromised.
when clicking on that link you would get the following web window -
That screen immediately raised my suspicion that there is something wrong here. an unknown site is asking for my MSN / Hotmail credentials in order to provide me a service which natively could be provided via a normal API... so i started checking.
Viewing the client side source code was very nice , cause it shows a very simple - almost child-like html code that is generated via simple tools.
An IP address ( 64.34.154.82 ) was embedded in, which is not something that you would expect from a service, very unusual.
When disecting the URL to its basics and just going to piclooks.com , you would get the following output ( meaning , there is no actual homepage behind this application )
The summary is very simple , this is most probably a phising site , and not a very sophisticated one , which its whole purpose is to steal the online identities of those who are naive enough to play along.
be careful of this hoax.
Labels: english, passwords, privacy, sbn, script, spam, threats, virus, vulnerability
