I came across a puzzling item on my server log today:
86.87.32.60 - - [03/Dec/2007:12:24:20 -0800] "GET /modules/emoticon.php?email=sweetygirl_lianne@hotmail.com HTTP/1.1" 404 226 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; nl; rv:1.8.1.11) Gecko/20071127 Firefox/2.0.0.11"
Searched around the net to see what it was about and apparently (all the entries were in Dutch) there is an email virus circulating that links to /modules/emoticon.php in CMSMS sites. It's getting a 404 on my system, but I'm wondering if some CMSMS installations have the target script installed. Since it's not a CMSMS module (as far as I know) I'm thinking it must be getting installed on some systems by some kind of malware.
Might be a good idea to see what's up with this...
Virus using CMSMS sites for spam relay?
Re: Virus using CMSMS sites for spam relay?
if the url gives you a 404 its just someone / something phishing on your site.
I see attacks against IIS all the time in my apache logs
I see attacks against IIS all the time in my apache logs
