Careers & Certifications

10:00 AM
Connect Directly
RSS
E-Mail
50%
50%

Most Web Users Safe As Major Net Attack Slows To Keyboard Logging

A computer virus designed to steal valuable information like passwords spread Friday through a new technique that converted popular Web sites into virus transmitters.

A widespread attack on Web servers and sites continued Friday, but the Russian hacker site that was delivering malicious code to client machines has been shut down, removing -- at least temporarily -- the danger to users of Internet Explorer.

Although the site was up as late as early Friday morning, later in the day it was inaccessible. Multiple security firms confirmed that the site was down, and TechWeb was also unable to reach the site.

The attack, considered to be among the most sophisticated to date, first compromises Microsoft IIS servers, then appends malicious JavaScript code onto each page served by the infected site. End users who simply view an infected page are invisibly redirected to the Russian hacker site, which then loads one of several backdoor components and a key logger to the PC.

"The [hacker] domain is no longer available," said Ken Dunham, director of malicious code research at iDefense. "Although it could be due to high levels of traffic to the site, it's more likely it's been made unavailable because of the malicious content it was hosting." McAfee's virus research manager, Craig Schmugar, also confirmed that the site was down.

While that eliminates the immediate threat to Internet Explorer users -- with the site offline, nothing can be downloaded to compromised machines -- this is nowhere near the end of the story, said security experts.

Previous
1 of 5
Next
Comment  | 
Print  | 
More Insights
Cartoon
Slideshows
Audio Interviews
Archived Audio Interviews
Jeremy Schulman, founder of Schprockits, a network automation startup operating in stealth mode, joins us to explore whether networking professionals all need to learn programming in order to remain employed.
White Papers
Register for Network Computing Newsletters
Current Issue
Video
Twitter Feed