Posted on 06/25/2004 10:41:28 PM PDT by Ernest_at_the_Beach
Internet Attack Exploits Microsoft Software Flaws
Fri Jun 25, 2004 08:25 PM ET
By Duncan Martell
SAN FRANCISCO (Reuters) - A potentially dangerous attack on personal computers by a virus designed to steal financial data and passwords from Web users rippled across the Internet on Friday, computer security experts said.
The attack, which surfaced earlier this week and is known as the "Scob" outbreak, exploits a vulnerability in servers using Microsoft Corp.'s IIS software and has been called more dangerous than the recent "Sasser" and "Blaster" infections.
The infected servers in turn exploit another vulnerability in Microsoft's Internet Explorer browser to install a Trojan Horse virus on the PCs of Web surfers who visit the infected Web sites, said Alfred Huger, senior director of engineering at Internet security company Symantec Corp.
"All of this takes place while it looks like you're viewing the same Web page," Huger said. "You don't even know that parts of your browser have been redirected to another Web site."
The U.S. Computer Emergency Readiness team warned on its Web site that "any Web site, even those that may be trusted by the user, may be affected by this activity and thus contain potentially malicious code." The Trojan Horse places a keystroke logger on users' PCs and is designed to capture credit card numbers and passwords and send them back to a server in Russia, said Michael Murray, director of vulnerability and exposure at computer security firm nCircle Network Security.
By late Friday, however, the threat to users' personal data has been diminished, at least for now. "The server appears to have been shut down in the last eight hours," Murray said. "We don't know if it was shut down by authorities or whether it was accidental." The attack is more alarming than most because there are no patches available yet from Microsoft to fix the vulnerability in Internet Explorer that lets the hackers take control of computers, security researchers said. On its Web site, Microsoft said users could search for the files "Kk32.dll" or "Surf.dat" to see if their PCs were infected. The company also suggested users set their browser security level to "high."
Experts also urged computer users to update their anti-virus software protection software. Most anti-virus software has been updated so that it can prevent the Trojan Horse from being installed, but because there is no patch yet available, there's no way to prevent future attacks to install the virus, Huger said.
"The truly alarming part is there is no patch available for that vulnerability," Huger said.
Ah, just saw that.
Actually, that's a strategy to fool web sites that try to block browsers that _aren't_ IE. Headers mean almost absolutely nothing these days since the newer browsers let you fake your headers to avoid site lockouts.
See my post #78 to Meg33.
Looks like at the Spyinfo website they have a good methodology to get someone started to clean the machine without starting over totally or buying a new machine.....course if you have an old one and the money ....might be smart to get a new fresh machine .... but it is almost a philosophy thing.
Said I was gonna start on Linux but I think my newest video card, an expensive ATI all in wonder 9600xt pro just went bad.
Hmm....
Opera is mozilla based, is it not?
Opera is excellent.
While I don't find any evidence that Opera is Mozilla-based, it does seem that it is more in alignment with the Netscape/Mozilla/Firefox folks than with Redmond Washington billionaires...
The Mozilla Foundation and Opera Software have published a paper outlining their vision for Web applications. The paper, submitted in preparation for next week's W3C Workshop on Web Applications and Compound Documents, describes a device-independent Web application framework based on HTML and backwards-compatible with existing Web content. The two organisations are keen to get parts of this framework in place soon to prevent a single-vendor solution (see Microsoft's position paper) becoming dominant.
I said
Firefox and Thunderbird are now installed, everything went smooth except for maintaining my website (with Homestead), which wanted me to Install Netscape Plugins, I sent off a message to tech support and will maintain the website w/ IE until I hear back.
Painless, easy
Thank you
What a difference a day makes, I am back to IE, (everything was working fine until my Firewall decided Firefox was an issue, next thing I know all of my settings are changed, my IP rejected any attempt to log on, down hill from there)
I uninstalled my Firewall, tried to re-install Firefox and had the same problems.
I am still using Thunderbird (I like it too, and I still like Firefox) but until the new Firefox comes out I will continue to use IE and patch and update for protection. For a day it was good, I was a happy camper and I hope the new edition of Firefox can deal with the Firewall issue.
Thanks again
TT
Spyware Info has a great tech forum. The guy had me download "HiJack This" plus do some other stuff with various files.
It was a great learning experience ( I had never dealt with a "trojan" before--it was stealing/hijacking my cursor). He gave very clear instructions, and we finally got rid of it. And all of this help was free!
It's a great site if you are having any problems with your PC, or even if you want to just learn about spyware, trojans, etc.
The program "HiJack This" is a good thing to have (it's free too). But before you use it to delete anything, it's best to post your log file of it to the forum board and let one of the tech guys tell you what to delete and what not to delete (unless you already are a techie yourself and don't need them to tell you).
I haven't tried it so I wondered when you mentioned an unnamed open-source simulator. Of course, it's still at version 0.9.4 and has a lot of catching up. What specifically did you not like about it?
I have tried it. I'm trying to get rid of something that got into IE that causes pop-ups on sites where there are no pop-ups. I've tried Ad-aware, spybot, CW-Shredder, and a full Norton scan. Whatever this adware thing is, it's still there. I only use IE for testing my own web sites, so it's not that big a deal... but I don't know what else the #%%$@* thing might be doing, so I want to get rid of it. So far no luck.
It crashed/froze a lot, and, at least at the time, the scenery was not as good.
Should you change your dating habits? LOL- I can't resist:):):)
OK, now you have me curious. Under what OS were you running it and what version of the simulator were you using? The website says the entire scenery set occupies 11 CDs which sounds like either a LOT of low quality stuff or a decent amount high quality stuff. The disk map shows practically all land areas covered as well as significant oceanic areas.
Hey yall I have a question. I have been invaded by much of this spyware, trojans malware etc. One day my cd-rom opened up by itself! I almost flipped out, no joke.
I had popups everywhere and my google searches were messed up. I have spybot and ad-aware. When I first used them with the latest updates it didn't get rid of the google problem I was having.
Two days ago I updated spybot and ad-aware fixed my search engine problem finally yay!
My question is I still have these weird things on my desktop called o , bs5-nt15v , silent?
Do I have to wait for another update for ad-aware to get rid of these things?
Also I disabled my Internet Explorer ActiveX, Java so is this good enough or do I still need Firefox?
I use netscape is that better?
Get Spyware Blaster. It prevents these things from being downloaded.
I was speaking to the same friend today, and told him about this thread. In the course of conversation, he said that sometimes the only way to get rid of something is to save to disk what you know you want to save, and uninstall *everything* else. Even the OS. Then you take your original disks and reinstall the OS and all your programs, etc.
I told him that I'd never even THINK of attempting that alone! LOL!
In the meantime, I bought Norton SystemWorks 2004 Professional. I decided that will be my first step (but not tonight).
Anyway, you may have to clean off the whole disk, as my friend discussed.
Yes! I should find men who know about computers! LOL!
I've had to do this. My wife and I cleaned off a friend's computer that had so many popups and things that it was unusable. We had to put in a second hard drive, loaded Windows on it, and cleaned the original hard drive from there. After that we were able to boot from the original hard drive and run nortons and stuff.
Sometimes you have no choice but to reload from scratch, though.
Thanks very much for the links. :o) I bookmarked both of them. I'll do SystemWorks first. Then I want to look at all the links I've collected, and then decide the order in which I want to try them.
Actually, I'm looking forward to tinkering with all of this stuff. :o)
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.