Posted on 06/25/2004 10:41:28 PM PDT by Ernest_at_the_Beach
|
 |
|
| Internet Attack Exploits Microsoft Software Flaws Fri Jun 25, 2004 08:25 PM ET By Duncan Martell SAN FRANCISCO (Reuters) - A potentially dangerous attack on personal computers by a virus designed to steal financial data and passwords from Web users rippled across the Internet on Friday, computer security experts said. The attack, which surfaced earlier this week and is known as the "Scob" outbreak, exploits a vulnerability in servers using Microsoft Corp.'s IIS software and has been called more dangerous than the recent "Sasser" and "Blaster" infections. The infected servers in turn exploit another vulnerability in Microsoft's Internet Explorer browser to install a Trojan Horse virus on the PCs of Web surfers who visit the infected Web sites, said Alfred Huger, senior director of engineering at Internet security company Symantec Corp. "All of this takes place while it looks like you're viewing the same Web page," Huger said. "You don't even know that parts of your browser have been redirected to another Web site."
The U.S. Computer Emergency Readiness team warned on its Web site that "any Web site, even those that may be trusted by the user, may be affected by this activity and thus contain potentially malicious code." The Trojan Horse places a keystroke logger on users' PCs and is designed to capture credit card numbers and passwords and send them back to a server in Russia, said Michael Murray, director of vulnerability and exposure at computer security firm nCircle Network Security.
By late Friday, however, the threat to users' personal data has been diminished, at least for now. "The server appears to have been shut down in the last eight hours," Murray said. "We don't know if it was shut down by authorities or whether it was accidental." The attack is more alarming than most because there are no patches available yet from Microsoft to fix the vulnerability in Internet Explorer that lets the hackers take control of computers, security researchers said. On its Web site, Microsoft said users could search for the files "Kk32.dll" or "Surf.dat" to see if their PCs were infected. The company also suggested users set their browser security level to "high."
Experts also urged computer users to update their anti-virus software protection software Most anti-virus software has been updated so that it can prevent the Trojan Horse from being installed, but because there is no patch yet available, there's no way to prevent future attacks to install the virus, Huger said.
"The truly alarming part is there is no patch available for that vulnerability," Huger said.
|
|
Well, I just sent a Freepmail to Lauren, just in case. She doesn't know these things, you know?
You guys are funny! LOL!
I'll have to read the tech stuff tomorrow, because I promised myself a few hours of sleep.
Bob, you're probably up in Juneau, and have 7 wives in 5 different states! Maybe you're even an ax murderer! But that's ok - I'm safe from you, living not far from the heart of NYC (the Land of REAL Pizza).
Tom, you're a sweetheart, and I bet you love your wife more than life itself. I don't think you're really jealous of Bob, considering what he has to shell out for all that dental care for all his kids (in 5 states). :oD
I live in Chatsworth, CA. And also must get up at 4:30 AM. I know all about NYC. I was born near there. I won't go back, because I don't need to buy many clothes here:):) I build things that keep the US safe and me in $. Read my mail!
ROFL!!!
You will need to go to the autoparts store for the thing on wheels that they use to fix underneath the car
Computer shops will have difficulty understanding how you plan to use that!!!
I finally found this thread and wanted to point you to (best I have seen yet )an excellent tutorial on cleaning spyware out of the machine...
What are you usin' to cool the machine. Fans or water cooled?
This link is cool! Thank you, thank you, thank you!
I'm doing a big project for work, and I was hoping to wrap it up this weekend, but I'm hoping to squeeze in some quality time with my computer.
BTW, the thing on wheels is to get under the computer desk, and around to the other side. I have a huge monitor, and a big computer desk, so that baby ain't movin' anywhere! I have to push aside the subwoofer, and crawl under the desk in order to get to the plugs in the back. I know that it sounds complicated, but this is how I, a weak and puny woman, have it all worked out.
You guys take your upper body strength for granted, I think. :oD
Well we would have to see pictures before we could believe that....
Hey I am on the network and typing this message to you running on my AMD64 machine, running SUSE 9.1 professional and something called Konquerer .
Seems to have a spell checker built in, boy I need that...
Now I have got to figure out how to download and install Firefox....I really like that Fox!
Vut are you sayink? You tink maybe dat I am strong like ox?LOL!
Is trut to be told I got big strendt of brains, but am puny in physics.
Hey I am on the network and typing this message to you running on my AMD64 machine, running SUSE 9.1 professional and something called Konquerer.
Dis vould be of great interest if only am I able to make sense of it!
Seems to have a spell checker built in, boy I need that...
HA! I have need of dis spell checkink, too!, vellcom to club!
Talk to me about safe mode I see on you link, ya?
Mine is a puny 3000+ runs at 2 Gigahertz.
Now the SUSE 9.1 Professional is a Linux distro, (distro is an abbreviation of distribution .... a packaging of components you see... )
And Konquerer. seems to be a combination browser and file Manager. It is very new to me so I know very little about it.
Hmmm.... not sure about that....
Lets ping shadowace...and Backhoe!!!!
That's pretty much amazing!
BTW, I'm looking at your other thread - the one you pinged me to.
I'm getting really pooped, but if I have enough energy, I'll post a horror story over there.
It all started when I opened my local phone bill this morning....
Don't tell me you got one of those autodialer thingies onto your system?????
You can catch those on the porno sites you know... I don;t have that problem since my machine has been neutered... can't dial anyone...but he is online whenever he powers on....
That's really all I know. Sorry.
I have never purposely gone into safe mode, but I've seen it come up a couple of times on its own, and I had to figure out how to get out of it.
The webpage you linked said to download all the progams while in safe mode.
I'd like to understand what safe mode is, and whether or not it's really better if I download in safe mode.
Apparently, yes. How does it work?
Thank God it was only one call. To the Solomon Islands no less! The last time any of my family had anything to do with the Solomon Islands, was when my father fought there during WWII!
There must be another way to pick up an auto dialer, because I don't go to porn sites. Really! :oD
BTW, how could something like this happen when I'm already dialed to an ISP?
Yaaahhh Right.....
Damn, I just nuked a frozen snicker candy bar in my puny microwave in Defrost mode power level 3, and in 2 and half minutes the turntable was all gooyey... yikes something else to clean up, sink is already full of dirty dishes..
Well, the dialer program could just break the connection with the ISP and get dial tone and dial the farout number...
But why the Solomon Islands??
How do you know it was done from your computer????
I've been thinking of the Chocolate Haagen Dasz that's innocently sitting in my freezer....
Ok, I confess! That *might* have been a porn site. There was one time I wanted to see what The Donald's girlfriend looks like. (I was watching The Apprentice, at the time.) I sure *did* see what she looks like! :oD
I called up my local phone company, and spoke with a girl who told me that from what she's seen, there have been different parts of the country affected, but now the northeast is being inundated with this problem. She's seen a lot of calls to the Solomon Islands, and one to Cook Island.
She told me that the phone numbers/lines were accessed through the phone customers' computers. I thought she knew what she was talking about, and that she made a lot of sense.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.