Meatspin: Difference between revisions
→Meatspin
No edit summary |
|||
Line 6: | Line 6: | ||
There are variants of this site which contain scripts that will let the window bounce around the screen and display alot of message boxes when the user tries to close the page. | There are variants of this site which contain scripts that will let the window bounce around the screen and display alot of message boxes when the user tries to close the page. | ||
== Google Hammer == | |||
Google Hammer is the most malicious variant of Meatspin. It tries to trick people into thinking they will find good value marketing information, however when visitng the site, it sometimes will show a fake loading page, then it will proceed to the main payload which is showing the Meatspin flash, letting the window move around the screen. When the user tries to close the page, a second payload will be activated which is crashing non-IE browsers such as Chrome by overloading Shockwave Flash using a custom SFWObject script, displaying alot of confirm boxes, and changing the window title on IE on exit . Before it used its own code, the website was a mirror to Makemoniesonline.com which is basically the same (Not as malicious though.) Many people think that the website will download a bunch of malicious applications to the local machine, however this statement was confirmed false. | Google Hammer is the most malicious variant of Meatspin. It tries to trick people into thinking they will find good value marketing information, however when visitng the site, it sometimes will show a fake loading page, then it will proceed to the main payload which is showing the Meatspin flash, letting the window move around the screen. When the user tries to close the page, a second payload will be activated which is crashing non-IE browsers such as Chrome by overloading Shockwave Flash using a custom SFWObject script, displaying alot of confirm boxes, and changing the window title on IE on exit . Before it used its own code, the website was a mirror to Makemoniesonline.com which is basically the same (Not as malicious though.) Many people think that the website will download a bunch of malicious applications to the local machine, however this statement was confirmed false. | ||
==Links== | ==Links== |