what if i opened that link in the steam browser
"Many people got hacked by clicking this link that a friend sent em: You will exchange this thing? screenshot -url .com/Screen_19521. pngIf your friend send you a link to click on it and it looks like that, then your friend got infected/hacked."
thanks?
thank you for repeating word for word what the link in OP says.
i'm assuming that clicking the group link is oki hopei wish
I've downloaded it with wget.It immediatly redirects to a russian server and changes the name from xxxxx.png (a picture) to xxxxxx.scr (an executable)Here's the server response if you are curious--2014-11-14 02:37:57-- http://screenshot-url.com/Screen_19521.pngResolving screenshot-url.com... 37.140.192.187Connecting to screenshot-url.com|37.140.192.187|:80... connected.HTTP request sent, awaiting response... HTTP/1.1 302 Found Server: nginx Date: Fri, 14 Nov 2014 01:37:56 GMT Content-Type: text/html; charset=iso-8859-1 Connection: keep-alive Location: http://files.etherway.ru/G5LG2VZD7OT0OO50DW7SLY2TFEKTSS Content-Length: 323Location: http://files.etherway.ru/G5LG2VZD7OT0OO50DW7SLY2TFEKTSS [following]--2014-11-14 02:37:59-- http://files.etherway.ru/G5LG2VZD7OT0OO50DW7SLY2TFEKTSSResolving files.etherway.ru... 91.197.172.9Connecting to files.etherway.ru|91.197.172.9|:80... connected.HTTP request sent, awaiting response... HTTP/1.1 200 OK Date: Fri, 14 Nov 2014 01:37:06 GMT Server: Apache X-Powered-By: PHP/5.4.4-14+deb7u2 Set-Cookie: PHPSESSID=cl430u2g7k41n9gkm91qsvq595; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Content-Disposition: attachment; filename="Screen_19521.scr" Last-Modified: Thu, 13 Nov 2014 09:57:10 GMT ETag: "a70f0a0803f552d0-38a00-507ba892d1dd5;4eebad2310a7f" Content-Length: 231936 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: application/octet-streamLength: 231936 (227K) [application/octet-stream]Saving to: `G5LG2VZD7OT0OO50DW7SLY2TFEKTSS'The <Content-Disposition: attachment; filename="Screen_19521.scr"> does the magic trick of making a PNG an executable :PNot surprisingly, the picture is a windows executableOffset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F00000000 4D 5A 90 00 03 00 00 00 04 00 00 00 FF FF 00 00 MZ..........ÿÿ..00000010 B8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 ¸.......@.......Go Linux!