A New MSN Phishing (Identity Theft) Worm - ENG
[A rewrite of this post in English, due to its importance]
A few days back, I received a nice gift via my MSN IM account. I got the following link:
http://myparties.piclooks.com/?<user> (where <user> is the infected sender). In that case I got it through MSN, so I don't know if any other IM is compromised.
When clicking on that link, you would get the following web window:
That screen immediately raised my suspicion that there is something wrong here. An unknown site is asking for my MSN / Hotmail credentials in order to provide me a service which natively could be provided via a normal API... so I started checking.
Viewing the client-side source code was very nice, because it shows very simple, almost child-like HTML code that is generated via simple tools.
An IP address (64.34.154.82) was embedded in it, which is not something that you would expect from a service; very unusual.
When dissecting the URL to its basics and just going to piclooks.com, you would get the following output (meaning there is no actual homepage behind this application).
The summary is very simple: this is most probably a phishing site, and not a very sophisticated one, whose whole purpose is to steal the online identities of those who are naive enough to play along.
Be careful of this hoax.
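The two signals described above (a page that asks for a password, and a raw IP address embedded in its HTML) can be checked mechanically. The following is an added example, not code from the original post; the sample HTML, the host names and the 192.0.2.10 address are constructed, and the assumption that the IP appears in a URL attribute such as a form action is mine, since the post does not reproduce the page source.

```python
import ipaddress
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample; the post does not reproduce the real page source.
SAMPLE_HTML = """<html><body>
<form method="post" action="http://192.0.2.10/login.php">
  <input type="text" name="email"><input type="password" name="pass">
</form></body></html>"""

def is_ip_literal(host):
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False

class CredentialPageScanner(HTMLParser):
    def __init__(self, page_url):
        super().__init__()
        self.page_host = urlparse(page_url).hostname
        self.has_password_field = False
        self.ip_urls = []          # any action/src/href whose host is a bare IP
        self.offsite_actions = []  # form actions on a different host than the page

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        if tag == "input" and (attrs.get("type") or "").lower() == "password":
            self.has_password_field = True
        for name in ("action", "src", "href"):
            url = attrs.get(name) or ""
            host = urlparse(url).hostname
            if host is None:      # relative URL or attribute absent
                continue
            if is_ip_literal(host):
                self.ip_urls.append(url)
            if tag == "form" and name == "action" and host != self.page_host:
                self.offsite_actions.append(url)

def scan(page_url, html):
    """Return findings; only pages that ask for a password are flagged."""
    s = CredentialPageScanner(page_url)
    s.feed(html)
    if not s.has_password_field:
        return []
    return (["raw-IP URL on credential page: " + u for u in s.ip_urls] +
            ["credentials posted off-site: " + u for u in s.offsite_actions])
```

A login form that posts to a relative path on its own host produces no findings, so the check stays quiet on ordinary sign-in pages.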
Does this mean that the sender (<user>) is somehow compromised? I received this from someone I chat with and they said that their AV (Norton) is not currently reporting anything after a full scan.
Thoughts?
Eric
Posted by Anonymous | 10:25 PM
Hi Eric,
Yes, it means that the host is compromised. I am still not sure how yet.
Barry.
Posted by barry | 2:06 AM
YES, a variant good
Posted by Anonymous | 9:21 AM