Follow-up from my blog post yesterday on SWF files being used in spam: One researcher has shared with me a little over 800 SWF files on ImageShack, all pushing malware. I did a quick spot check and many of these are still live. I have been told that ImageShack has been notified. I hope they get this stuff down fast.
I did get a reader who was a bit confused about this, so just to make it clear: These SWF files include a simple redirect that pops-up a dialog to install a piece of malware from a different location. You actually have to click “Run” to execute the malware.
Alex Eckelberry