Sunday, 20 April 2008

Naughty, naughty...

i spotted a nasty way to propagate viruses earlier. Gmail had already categorised it as spam so i assume it's getting on a bit now, but i'm still... well, impressed is the wrong word, since it's a way to trick people into opening an almost certainly harmful file, but it's pretty ingenious all the same. What it does is use an apparent hole in Google or, more accurately, in Google's advertising accountancy system; when you open an advert from Google it gets passed through a tracking system that keeps count of which adverts are displayed and visited, before being kicked forward to the actual site. What this little exploit does is use that tracking system. The email that it sends from infected machines contains a link that starts http://www.google.com/ and most people consider that a trusted site, but the rest of the address is just some gunk that's been borrowed from a legitimate advert and, at the end of the string, it passes Google a different address. That address is in Poland and points specifically at a file called "video.exe".

i doubt i have to tell anyone technically-minded enough to be reading the drivel i write not to click on an email attachment or link with a .exe suffix, but this is sneaky... the URL itself is over ninety characters long so it "buries" the file extension and, more importantly, although it doesn't obfuscate things very much this way if you know what to look for, the use of Google's name is probably going to "sell" this link to a fair few people...
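A mail filter or a curious reader can apply the "know what to look for" check mechanically. The sketch below is an added example, not code from the original post: it pulls any second address out of a link and flags it when it sits on a different host and ends in an executable extension. The hosts and parameter names in the sample link are constructed placeholders, not the real advert URL.

```python
import posixpath
import re
from urllib.parse import urlsplit, unquote

# File types that run code when opened on Windows (illustrative, not exhaustive).
RISKY_EXT = {".exe", ".scr", ".pif", ".com", ".bat", ".cmd", ".vbs", ".msi"}
EMBEDDED_URL = re.compile(r"https?://[^\s&'\"<>]+", re.IGNORECASE)

# Constructed sample: placeholder hosts and hypothetical parameter names.
SAMPLE = ("http://www.trusted.example/track?campaign=AbCdEf0123456789"
          "&ref=0000000000000000&dest=http://files.example.pl/video.exe")

def embedded_targets(url):
    """Return absolute URLs carried inside the path, query or fragment."""
    outer = urlsplit(url)
    tail = " ".join(p for p in (outer.path, outer.query, outer.fragment) if p)
    # Decode twice so singly and doubly percent-encoded targets are both seen.
    return EMBEDDED_URL.findall(unquote(unquote(tail)))

def inspect_link(url):
    """Report the host a reader sees versus where the link can forward to."""
    shown = (urlsplit(url).hostname or "").lower()
    targets = []
    for target in embedded_targets(url):
        parts = urlsplit(target)
        host = (parts.hostname or "").lower()
        ext = posixpath.splitext(parts.path)[1].lower()
        targets.append({"url": target, "host": host,
                        "off_site": host != shown,
                        "risky_file": ext in RISKY_EXT})
    return {"shown_host": shown, "length": len(url), "targets": targets,
            "suspicious": any(t["off_site"] and t["risky_file"] for t in targets)}

if __name__ == "__main__":
    report = inspect_link(SAMPLE)
    print(report["shown_host"], report["length"], report["suspicious"])
    for t in report["targets"]:
        print("  forwards to:", t["url"])
```

A redirect that stays on the same host, or that lands on an ordinary page, is reported but not marked suspicious, so legitimate tracking links do not trip the check.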
