New Virus May Steal Data
A mysterious Internet virus being spread Friday by hundreds and possibly thousands of infected websites may be aimed at stealing credit card and other valuable information, security experts warned.
The infection appears to take advantage of three separate flaws with Microsoft products. Microsoft said software updates to fix two of them had been released in April, but the third flaw was newly discovered and had no patch to fix it yet.
Experts said the infection, detected by Microsoft on Thursday, was unusually broad but wasn't substantially interfering with Internet traffic.
Security technicians at Microsoft and elsewhere worked Friday to pin down how the infection spreads across websites. It appears to target at least one recent version of Internet Information Server, Microsoft's software for operating websites.
The infection makes subtle changes to the site so visitors get a piece of code that's designed to retrieve from a Russian website software that records a person's keystrokes and can send data back, experts say. Such software "Trojan horses" are routinely used to fish for credit card numbers, bank accounts, passwords and the like.
Now that the code is out, other hackers are likely to adapt it to distribute software for spamming and for launching broad Internet attacks against popular sites, said Alfred Huger, senior director of engineering at Symantec Corp.
"Users should be aware that any website, even those that may be trusted by the user, may be affected by this activity and thus contain potentially malicious code," the U.S. Computer Emergency Readiness Team warned in an Internet alert.
Stephen Toulouse, a security program manager at Microsoft, recommended that computer owners obtain the latest security updates for Microsoft products and their antivirus and firewall programs.
Because one flaw has yet to be fixed, he said, users should also turn up security settings on Microsoft's Internet Explorer browsers to the highest levels.
Security experts noted that users can avoid the exploit by using alternative browsers such as Mozilla and Opera. Users could also turn off the Javascript feature on their Microsoft browsers, though doing so cripples functions on some sites.
The infection does not affect Macintosh versions of Internet Explorer.
PC-Mac Support , Windows & Apple & Android systems A+ PC-Mac Computer Technician, bdamusic@gmail.com Email me! 238-1777,Facebook http://tinyurl.com/36sqj5u PC & Apple service at your home: connect your PC or Mac to the Internet:install IP security cameras:install wireless network: Vitamin D surveillance software Reseller
Saturday, June 26, 2004
Friday, June 25, 2004
New attack hitting Web users through major sites
Internet users may unwittingly be downloading malicious code
The attack affects only users running Microsoft Corp.'s Windows operating system and Internet Explorer browser
Internet users visiting some of the most popular sites on the Web may unwittingly be downloading malicious code that compromises their computers and sets up a relay network for a future onslaught of spam, a security services company warned Thursday.
NetSec Inc., which provides managed security services for large businesses and government agencies, began detecting suspicious traffic on several of its customers' networks on Thursday morning, said Chief Technology Officer Brent Houlahan.
Examining firewall logs and other data points on those networks, NetSec found that when users visit certain popular Web sites -- including an online auction, a search engine and a comparison shopping site -- they unwittingly download a piece of malicious JavaScript code attached to an image or graphics file on the site.
Without the user's knowledge, the code connects their PC to one of two IP (Internet Protocol) addresses in North America and Russia. From those systems they unknowingly download a piece of malicious code that appears to install a keystroke reader and probably some other malicious code on the computer, Houlahan said.
The code may be gathering the addresses of Web sites visited by affected users and the passwords used to access them. In addition, the IP address in Russia is a known source of spam, and the code may be creating a network of infected machines that could be used to relay spam across the Internet at some later date,
The attack affects only users running Microsoft Corp.'s Windows operating system and Internet Explorer browser
Internet users visiting some of the most popular sites on the Web may unwittingly be downloading malicious code that compromises their computers and sets up a relay network for a future onslaught of spam, a security services company warned Thursday.
NetSec Inc., which provides managed security services for large businesses and government agencies, began detecting suspicious traffic on several of its customers' networks on Thursday morning, said Chief Technology Officer Brent Houlahan.
Examining firewall logs and other data points on those networks, NetSec found that when users visit certain popular Web sites -- including an online auction, a search engine and a comparison shopping site -- they unwittingly download a piece of malicious JavaScript code attached to an image or graphics file on the site.
Without the user's knowledge, the code connects their PC to one of two IP (Internet Protocol) addresses in North America and Russia. From those systems they unknowingly download a piece of malicious code that appears to install a keystroke reader and probably some other malicious code on the computer, Houlahan said.
The code may be gathering the addresses of Web sites visited by affected users and the passwords used to access them. In addition, the IP address in Russia is a known source of spam, and the code may be creating a network of infected machines that could be used to relay spam across the Internet at some later date,
U.S. warns of large-scale virus attack
U.S. warns of large-scale virus attack
Chicago — U.S. government and industry experts warned late Thursday of a mysterious, large-scale Internet attack against thousands of popular websites.
The virus-like infection tries to implant hacker software onto the computers of all website visitors.
Industry experts and the Homeland Security Department were studying the infection to determine how it spreads across websites and find adequate defences against it.
"Users should be aware that any website, even those that may be trusted by the user, may be affected by this activity and thus contain potentially malicious code," the government warned in one Internet alert.
The mysterious infection appeared to target at least one recent version of software by Microsoft Corp. to operate websites, called its Internet Information Server, popular among businesses and organizations.
A spokesman for Microsoft declined comment immediately.
Experts said the attack's effects were unusually broad but weren't substantially interfering with Internet traffic.
"While this is significant, it has no impact on the operation of the Internet," said Marcus Sachs, who helps run the industry's Internet Storm Centre in Bethesda, Md.
Experts urgently recommended consumers and corporate employees update antivirus software on their computers, since the latest versions can immunize visitors to infected websites.
The infected websites attempt to implant on visitors' computers hacker software that allows others to use their computers to surreptitiously route Internet spam e-mails.
Chicago — U.S. government and industry experts warned late Thursday of a mysterious, large-scale Internet attack against thousands of popular websites.
The virus-like infection tries to implant hacker software onto the computers of all website visitors.
Industry experts and the Homeland Security Department were studying the infection to determine how it spreads across websites and find adequate defences against it.
"Users should be aware that any website, even those that may be trusted by the user, may be affected by this activity and thus contain potentially malicious code," the government warned in one Internet alert.
The mysterious infection appeared to target at least one recent version of software by Microsoft Corp. to operate websites, called its Internet Information Server, popular among businesses and organizations.
A spokesman for Microsoft declined comment immediately.
Experts said the attack's effects were unusually broad but weren't substantially interfering with Internet traffic.
"While this is significant, it has no impact on the operation of the Internet," said Marcus Sachs, who helps run the industry's Internet Storm Centre in Bethesda, Md.
Experts urgently recommended consumers and corporate employees update antivirus software on their computers, since the latest versions can immunize visitors to infected websites.
The infected websites attempt to implant on visitors' computers hacker software that allows others to use their computers to surreptitiously route Internet spam e-mails.
Subscribe to:
Posts (Atom)