Posted on 06/25/2004 10:41:28 PM PDT by Ernest_at_the_Beach
Internet Attack Exploits Microsoft Software Flaws Fri Jun 25, 2004 08:25 PM ET By Duncan Martell SAN FRANCISCO (Reuters) - A potentially dangerous attack on personal computers by a virus designed to steal financial data and passwords from Web users rippled across the Internet on Friday, computer security experts said. The attack, which surfaced earlier this week and is known as the "Scob" outbreak, exploits a vulnerability in servers using Microsoft Corp.'s IIS software and has been called more dangerous than the recent "Sasser" and "Blaster" infections. The infected servers in turn exploit another vulnerability in Microsoft's Internet Explorer browser to install a Trojan Horse virus on the PCs of Web surfers who visit the infected Web sites, said Alfred Huger, senior director of engineering at Internet security company Symantec Corp. "All of this takes place while it looks like you're viewing the same Web page," Huger said. "You don't even know that parts of your browser have been redirected to another Web site."
The U.S. Computer Emergency Readiness team warned on its Web site that "any Web site, even those that may be trusted by the user, may be affected by this activity and thus contain potentially malicious code." The Trojan Horse places a keystroke logger on users' PCs and is designed to capture credit card numbers and passwords and send them back to a server in Russia, said Michael Murray, director of vulnerability and exposure at computer security firm nCircle Network Security.
By late Friday, however, the threat to users' personal data has been diminished, at least for now. "The server appears to have been shut down in the last eight hours," Murray said. "We don't know if it was shut down by authorities or whether it was accidental." The attack is more alarming than most because there are no patches available yet from Microsoft to fix the vulnerability in Internet Explorer that lets the hackers take control of computers, security researchers said. On its Web site, Microsoft said users could search for the files "Kk32.dll" or "Surf.dat" to see if their PCs were infected. The company also suggested users set their browser security level to "high."
Experts also urged computer users to update their anti-virus software protection software Most anti-virus software has been updated so that it can prevent the Trojan Horse from being installed, but because there is no patch yet available, there's no way to prevent future attacks to install the virus, Huger said.
"The truly alarming part is there is no patch available for that vulnerability," Huger said.
|
CNET Article on the virus here:
Exactly! When you uninstall it, it wouldn't uninstall everything properly and would give you a list of "cannot find *.exe file" error screens at bootup.
I laughed one time when I was fixing these errors on a computer network at the local insurance agent, and installed Mcafee and that installation package came up with an error box that said "we've detected stray files from Norton Anti-Virus exists on your computer, would you like us to get rid of these files?" and I clicked yes, and McAfee cleaned up Norton and successfully installed itself.
Everyone should keep in mind that these vulnerabilities
are designed in, so that Gates and his Hollywood buddies
can spy on you. Over time, these situations can
be exploited by others.
ROFL!
Symantec just picked up Powerquest so now I may need to look for a replacement for Partition Magic.
Although disks have really gotten inexpensive so not such a big deal now.
True. I'm going to get a second hard drive and the one I have now will be used as a backup drive.
Well this little virus thingie may just get me to move over to Linux, since the browser is the big issue and Firefox seems to be working well for most of what I do, and it will run on Linux.
I have a bunch of storage.
For all of us home users who are stuck with the Redmond operating system, I'd recommend trying to get ALL other software from SOMEWHERE ELSE for safety, NOT from microsoft.
I like the site nonags.com for very good open sourced software. These people for the most part ONLY recommend, test, and rank free software that does NOT NAG you for money to upgrade to a 'better version'.
If you need anything more commercial than that, I'd say the non-MS versions of software will be as good or better, and less virus-prone, than MS versions.
martin_fierro also had a good list of software for PC protection (except for the part about Opera).
Whichever email system you use.. BE SURE to turn OFF the reading of mail in HTML MODE. Read all messages in 'TEXT ONLY' mode or else you can be infecting your system JUST by reading a message (even without opening attachments).
Another reason to not allow HTML mode in your email reader, is that built-in images in the message (sometimes they're even invisible) will confirm to spammers that your email address is valid.
BTTT for later.
Thanks, but I use Apple products only. Safari is my browser. Microsoft is a dirty word in this house.
Thanks, beckett...I am a computer dunce and don't know how to look for this invasion, but I do have Norton on auto update...Norton has never found a virus when it scans my files.
Thank you
Well I don't what was causing problems on my computer this week
But I did want to beat the heck out of it with a baseball bat
Ping
The move to Firefox is a very easy move, suggest you both look at it.
Shadowace had some good tips on the thread he started , now in the blogger chat area.
Link to it above here somewhere.
I am doing this right now under Firefox.
There are a few things to learn, but not many , use the right click on the mouse a bit more.
Firefox doesn't have the mail capability so is much smaller than IE.
If you are a big user of mail, then Mozilla has that.
Link at post #2.
Thanks. Is there any way to tell if my computer has the virus? I ran a virus scan yesterday and it appeared that there was no problem(yet.)
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.