SEPTEMBER 28, 2004 (IDG NEWS SERVICE) - Malicious hackers are seeding Internet newsgroups that traffic in pornography with JPEG images that take advantage of a recently disclosed security hole in Microsoft Corp.'s software, according to warnings from antivirus software companies and Internet security groups.
The reports are the first evidence of public attacks using the critical flaw, which Microsoft identified and patched on Sept. 14 (see story). Users who unwittingly download the poison images could have software installed on their computers that gives remote attackers total control over the machine, experts said.
The images were posted in a variety of Internet newsgroups where visitors post and share pornographic images, or "binaries." The altered JPEG images were posted to groups such as "alt.binaries.erotica.breasts" yesterday by someone using the e-mail address "Power-Poster@power-post.org," according to the online security discussion group BugTraq and information posted on Easynews.com, a Web portal for Usenet, the global network of news servers.
The corrupted JPEG images are indistinguishable from other images posted in the group but contain a slightly modified version of recently released exploit code for the JPEG vulnerability called the "JPEG of Death" exploit, which appeared over the weekend, said Johannes Ullrich, chief technology officer of the SANS Institute's Internet Storm Center (ISC). The ISC has also posted information about the exploit online.
Read the full story
here.
