- (Reuters) -- A mysterious Internet virus being spread
Friday by hundreds and possibly thousands of infected websites may be aimed
at stealing credit card and other valuable information, security experts
warned.
-
- The infection appears to take advantage of three separate
flaws with Microsoft products. Microsoft said software updates to fix two
of them had been released in April, but the third flaw was newly discovered
and had no patch to fix it yet.
-
- Experts said the infection, detected by Microsoft on
Thursday, was unusually broad but wasn't substantially interfering with
Internet traffic.
-
- Security technicians at Microsoft and elsewhere worked
Friday to pin down how the infection spreads across websites. It appears
to target at least one recent version of Internet Information Server, Microsoft's
software for operating websites.
-
- The infection makes subtle changes to the site so visitors
get a piece of code that's designed to retrieve from a Russian website
software that records a person's keystrokes and can send data back, experts
say. Such software "Trojan horses" are routinely used to fish
for credit card numbers, bank accounts, passwords and the like.
-
- Now that the code is out, other hackers are likely to
adapt it to distribute software for spamming and for launching broad Internet
attacks against popular sites, said Alfred Huger, senior director of engineering
at Symantec Corp.
-
- "Users should be aware that any website, even those
that may be trusted by the user, may be affected by this activity and thus
contain potentially malicious code," the U.S. Computer Emergency Readiness
Team warned in an Internet alert.
-
- Stephen Toulouse, a security program manager at Microsoft,
recommended that computer owners obtain the latest security updates for
Microsoft products and their antivirus and firewall programs.
-
- Because one flaw has yet to be fixed, he said, users
should also turn up security settings on Microsoft's Internet Explorer
browsers to the highest levels.
-
- Security experts noted that users can avoid the exploit
by using alternative browsers such as Mozilla and Opera. Users could also
turn off the Javascript feature on their Microsoft browsers, though doing
so cripples functions on some sites.
-
- The infection does not affect Macintosh versions of Internet
Explorer.
-
- © Copyright 2004, Lycos, Inc. All Rights Reserved.
http://wired.com/news/infostructure/0,1377,63994,00.html?tw=wn_tophead_4
|