[IP] Web Virus May Be Stealing Financial Data

To: Ip <ip@xxxxxxxxxxxxxx>
Subject: [IP] Web Virus May Be Stealing Financial Data
From: David Farber <dave@xxxxxxxxxx>
Date: Fri, 25 Jun 2004 15:18:30 -0400
List-help: <http://v2.listbox.com/doc/help_sub?list_name=ip@v2.listbox.com>
List-id: <ip@xxxxxxxxxxxxxx>
List-software: listbox.com v2.0
List-subscribe: <mailto:subscribe-ip@v2.listbox.com>, <http://v2.listbox.com/subscribe/?listname=ip@v2.listbox.com>
List-unsubscribe: <mailto:unsubscribe-ip@v2.listbox.com>, <http://v2.listbox.com/member/unsubscribe/?listname=ip@v2.listbox.com>
Reply-to: dave@xxxxxxxxxx
Sender: owner-ip@xxxxxxxxxxxxxx

Web Virus May Be Stealing Financial Data
By ANICK JESDANUN

NEW YORK (AP) - A mysterious Internet virus being spread Friday byhundreds and possibly thousands of infected Web sites may be aimed atstealing credit card and other valuable information, security expertswarned.

The infection appears to take advantage of three separate flaws withMicrosoft Corp. products. Microsoft said software updates to fix two ofthem had been released in April, but the third flaw was newlydiscovered and had no patch to fix it yet.

Experts said the infection, detected by Microsoft on Thursday, wasunusually broad but wasn't substantially interfering with Internettraffic.

Security experts at Microsoft and elsewhere worked Friday to pin downhow the infection spreads across Web sites. It appears to target atleast one recent version of Microsoft software for operating Web sites- called Internet Information Server.

The infection makes subtle changes to the Web site so visitors get apiece of code that's designed to retrieve from a Russian Web sitesoftware that records a person's keystrokes and can send data back,experts say. Such software ``Trojan horses'' are routinely used to fishfor credit card numbers, bank accounts, passwords and the like.

Now that the code is out, other hackers are likely to adapt it todistribute software for spamming and for launching broad Internetattacks against popular Web sites, said Alfred Huger, senior directorof engineering at security company Symantec Corp.

``Users should be aware that any Web site, even those that may betrusted by the user, may be affected by this activity and thus containpotentially malicious code,'' the U.S. Computer Emergency ReadinessTeam warned in an Internet alert.

Stephen Toulouse, a security program manager at Microsoft, recommendedthat computer owners obtain the latest security updates for Microsoftproducts and their anti-virus and firewall programs.

Because one flaw has yet to be fixed, he said, users should also turnup security settings on Microsoft's Internet Explorer browsers to thehighest levels.

Security experts noted that users can avoid the exploit by usingalternative browsers such as Mozilla and Opera. Users could also turnoff the ``Javascript'' feature on their Microsoft browsers, thoughdoing so cripple functions on some sites.




The infection does not affect Macintosh versions of Internet Explorer.



On the Net:



Microsoft bulletin:



http://www.microsoft.com/security/incident/download-ject.mspx

<http://cnn.netscape.cnn.com/news/story.jsp?flok=FF-APO-1333&idq=/ff/story/0001%2F20040625%2F1310284967.htm&sc=1333&related=off&photoid=20040622TXDP101&floc=NW_1-T>


-------------------------------------
You are subscribed as roessler@xxxxxxxxxxxxxxxxxx
To manage your subscription, go to
 http://v2.listbox.com/member/?listname=ip

Archives at: http://www.interesting-people.org/archives/interesting-people/

Prev by Date: [IP] the passing of Herman H. Goldstine
Next by Date: [IP] CREATOR OF ASCII CODE SYSTEM DIES AT 84
Previous by thread: [IP] the passing of Herman H. Goldstine
Next by thread: [IP] CREATOR OF ASCII CODE SYSTEM DIES AT 84
Index(es):
- Date
- Thread