New mystery virus invades the web

A mysterious computer infection is spreading on the internet, with visitors to some popular websites unwittingly downloading programmes that could allow hackers to steal sensitive data, security experts have said.

    The new virus could result in the theft of sensitive data

    Unlike viruses that spread by email, this infection is

    propagated simply by visiting an infected site, which can install a

    so-called trojan or keystroke logger that allows hackers access to

    the PCs.

     

    Various security experts labelled the malicious program Scob,

    Download.Ject, Toofer or Webber.P.

     

    "Users should be aware that any website, even those that may be

    trusted by the user, may be affected by this activity and thus

    contain potentially malicious code," said the government funded

    Computer Emergency Readiness Team (CERT) in a warning posted late

    Thursday.

     

    The trojan affects websites running Microsoft's IIS 5.0 program

    for web servers, experts said.

      

    "If users of Internet Explorer visit web pages infected by Scob,

    their computer may attempt to download a file from a Russian

    website," the security firm Sophos said Friday.

     

    Patrick Hinojosa, chief technology officer at Panda Software,

    said the number of infected computers was not known, but that

    experts hoped to have a better idea of the spread in coming days.

      

    "It's a troublesome development," he said by telephone. 

    "This is one of the first times we're seeing large websites

    having been hacked to have this type of code that affects the user

    ... a large amount of internet traffic hits these sites." 

     

    No warnings

     

    Panda Software added that the danger in this threat is that it

    "is difficult to recognise, as it does not display any messages or

    warnings that indicate it has reached the computer".

      

    But because of the apparent financial motive and the link to

    Russian servers, Hinojosa said: "We suspect there is Russian

    organised crime or something like it behind this."

     

    The security firm LURHQ said the trojan program appears aimed at

    stealing passwords or financial information.

      

    "The trojan appears to be designed for the purposes of

    'phishing', that is, stealing financial and other account details

    from the infected user," LURHQ said. 

     

    "While most phishing is done via email, this trojan directly

    captures password and logins if the infected user attempts to log in

    to eBay or [payment site] Paypal and also Earthlink, Juno and Yahoo

    webmail accounts." 

     

    Microsoft called the incident "critical" and urged users to

    download updates to protect their systems.

    SOURCE: AFP


    YOU MIGHT ALSO LIKE

    Assad to Putin: Thank you for 'saving our country'

    Assad to Putin: Thank you for 'saving our country'

    Russian and Syrian presidents meet to discuss strategy against 'terrorism' and political settlement options.

    Is Saudi Arabia becoming a danger to the region?

    Is Saudi Arabia becoming a danger to the region?

    We talk to US Congressman Ro Khanna about power politics and debate Mohammed bin Salman's new strategy for the Kingdom.

    Gender violence in India: 'Daughters are not a burden'

    Gender violence in India: 'Daughters are not a burden'

    With female foeticide still widespread, one woman tells her story of being mutilated for giving birth to her daughters.