Casino spam with malware?

chayton

My email is set to automatically block any embedded graphics from places that aren't in my address book. For the last couple of weeks I've been getting casino spam, that's nothing new - but lately I've noticed that I'm getting a bunch that say stuff like, "Make sure you enable images to get a free chip!" or free spins or whatever. Last week I went to delete one and misclicked and hit the 'show images' button instead and my antivirus popped up a warning message.

I thought that was kind of weird, but I've been testing since then and every time I get one of those messages that say "make sure your images are on" my antivirus pops up.

So what could it be from? I'm thinking perhaps the affiliates are including cookies in the gif files with their affiliate ID...is that even possible? You can't include a virus in a graphic can you?

Next time I get one I'll have to look closer at the code, but it's odd that suddenly this is happening.
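
One way to "look closer at the code" of such a message, as an added example that is not part of the original posts: it lists every image an HTML mail would fetch from a remote server once images are enabled, with the query parameters each URL carries, without making any request. The sample message, the host names and the `aff`/`uid` parameter names are constructed for illustration.

```python
# Added example: list the remote images an HTML email would fetch, without fetching them.
from email import message_from_string, policy
from html.parser import HTMLParser
from urllib.parse import urlsplit, parse_qsl

# Constructed sample message (not taken from the thread).
SAMPLE_EML = """\
From: promo@casino.example
To: player@mail.example
Subject: Enable images to get a free chip!
MIME-Version: 1.0
Content-Type: text/html; charset="utf-8"

<html><body>
<p>Make sure you enable images to get a free chip!</p>
<img src="http://img.casino.example/banner.gif?aff=12345&amp;uid=abc987" width="600">
<img src="cid:logo@casino.example">
<img src="http://img.casino.example/o.gif" width="1" height="1">
</body></html>
"""

class ImgCollector(HTMLParser):
    """Collects the attributes of every <img> tag."""
    def __init__(self):
        super().__init__()
        self.images = []

    def handle_starttag(self, tag, attrs):
        if tag == "img":
            self.images.append(dict(attrs))

def remote_images(raw_message):
    """Return one dict per <img> that would trigger a network request."""
    msg = message_from_string(raw_message, policy=policy.default)
    found = []
    for part in msg.walk():
        if part.get_content_type() != "text/html":
            continue
        collector = ImgCollector()
        collector.feed(part.get_content())
        for img in collector.images:
            url = urlsplit(img.get("src") or "")
            if url.scheme not in ("http", "https"):
                continue  # cid:/data: images travel inside the message itself
            found.append({
                "host": url.hostname,
                "params": dict(parse_qsl(url.query)),  # possible affiliate or per-recipient IDs
                "pixel": img.get("width") == "1" and img.get("height") == "1",
            })
    return found
```

Calling `remote_images()` on the raw source of a saved message (the "view source" text from the mail client) shows which hosts would learn that the mail was opened and which identifiers they would receive.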
 
In fact, the most common way to spread viruses and trojans was through images back in the day.
I'm not up to date on the topic though.

But normally you would have to "open" it at least.

And, from what I've been reading, there isn't much that surprises me today...
I think there is going to be a huge spread of infections in the coming years, possibly undiscovered till it's too late as usual :)

Just be careful.
 
It can be done. It seems to exploit vulnerabilities in the default viewer that kicks in when viewing an image. It could also be done with MP3 (Music) files by exploiting a vulnerability in Windows Media Player. My old Windows 98 machine got hit by a virus embedded in an MP3. The vulnerability seemed to be related to where WMP couldn't find a codec and asked whether you wanted to "try and play anyway".

GIF files are vulnerable more than any other image format because they can do more than just store images. They can show a short animation, for example, and are used in some members' avatars here.

In the case of casino spam, it may have been a "drive by download" attempt embedded in the images that the anti virus caught. This would have ensured the casino got installed there and then, guaranteeing the affiliate got tagged even if you didn't sign up straight away.

Regular images should not set an anti virus program off.
 
In the early days of email harvesting I remember an issue came up with graphics on websites. The bad people would have a website with graphics that were stored on an FTP server that required an anonymous login. Before Microsoft plugged that hole, IE would automatically log you in anonymously using your email address (if you weren't using webmail) as a password.

So all anyone had to do was put up a site with photos that people would be interested in (celebrities, cute animals, porn) and then just sit back and collect email addresses of unsuspecting idiots and sell them to spammers.
 
