It looks like you're using an Ad Blocker.

Please white-list or disable AboveTopSecret.com in your ad-blocking tool.

Thank you.

 

Some features of ATS will be disabled while you continue to use an ad-blocker.

 

SCI/TECH: Thousands of sites affected in large scale web attack

page: 1
0

log in

join
share:

posted on Jun, 25 2004 @ 11:45 AM
link   
Govenrment and industry agencies warned on thursday on a mysterious web attack against thousands of popular websites.
 



Authorities warn of large-scale Net attack
Users should be aware that any Web site, even those that may be trusted by the user, may be affected by this activity and thus contain potentially malicious code, the government warned in one Internet alert.

Web server software targeted
The mysterious infection appeared to target at least one recent version of software by Microsoft Corp. to operate Web sites, called Internet Information Server 5. The software is popular among businesses and organizations.

"Compromised sites are appending JavaScript to the bottom of Web pages," the government alert reported. "When executed, this JavaScript attempts to access a file hosted on another server. This file may contain malicious code that can affect the end user's system."

Please visit the link provided for the complete story.


The code allows hackers to use infected computers to route internet spam e-mails.

Related News

Compromised Web Sites Infect Web Surfers

IIS 5 Web Server Compromises


[edit on 25-6-2004 by John bull 1]

[edit on 25-6-2004 by Banshee]




posted on Jun, 25 2004 @ 01:15 PM
link   
I hope ATS doesn't get infected by this virus
[edit on 25-6-2004 by bartholomeo]

[edit on 25-6-2004 by bartholomeo]



posted on Jun, 25 2004 @ 02:24 PM
link   
The dirty little secret never admitted by these websites who get hacked due to MS flaws is this:

Microsoft constantly updates patches for security reasons. The fact is that some webmasters, like many private MS users, don't update their software promptly when Microsoft sends a notice of the available patch.

If you haven't updated Windows XP, etc.,go now to: v4.windowsupdate.microsoft.com...

Failure to keep up with the available patches is like leaving your back door unlocked in a bad neighborhood.

www.onealclan.com (Bible Code Website)



posted on Jun, 25 2004 @ 03:10 PM
link   
On a bit of a tangent...with this being hyped to be the 'Summer of Terror' and all, couldn't this be the first volley in an attempt to create a mass DDoS attack which could cripple the 'net? I only think of it because a crippled internet trickles down into IP phone systems, Police and Emergency Dispatch Systems, Cell Phone and Text Message Networks, etc. and such a crippling would be very helpful in amplifying casualties found at a standard attack site by confusing the efforts to aid the attacked.



posted on Jun, 25 2004 @ 03:22 PM
link   

Originally posted by bartholomeo
I hope ATS doesn't get infected by this virus
[edit on 25-6-2004 by bartholomeo]

[edit on 25-6-2004 by bartholomeo]


If i recall ATS is run on a Linux based Server...it doesnt have IIS.



posted on Jun, 25 2004 @ 03:52 PM
link   
There is no patch!

Quote from article:

"The infection appears to take advantage of three separate flaws with Microsoft Corp. products. Microsoft said software updates to fix two of them had been released in April, but the third flaw was newly discovered and had no patch to fix it yet".

Use a different browser until the patch comes out that uses Sun JAVA and turn off JAVA in IE or better yet change your security setting to high. Mac users aren't affected.

I have several browsers on my machine. I think I'll try Opera for a while.



posted on Jun, 26 2004 @ 06:09 AM
link   
Until today, the news has reported that several popular websites had been compromised and used to distribute the trojan code to users who browed their sites but had not named the sites affected. The Mercury News has finally put names to those sites.

In a new cyberattack that spread across the Internet on Friday, computer hackers used popular Web sites such as eBay, Earthlink and Yahoo to secretly transmit a program onto PCs that records personal data like passwords and credit card numbers.

Please visit the link provided for the complete story.

I am really taken aback to find that high profile sites such as eBay, Earthlink and Yahoo would not have applied a security patch suppled by Microsoft back in April that would have prevented the hacks of their web servers. This story gets scarier as the details come to light.



posted on Jun, 26 2004 @ 02:12 PM
link   
What patch? One of the three flaws has none. The April patch only fixed two of the three flaws accociated with this key logging program. The one flaw it seems to me could still infect you if you run IE on Medium Security.



posted on Jun, 26 2004 @ 03:00 PM
link   
I am running Firefox right now, IE has too many flaws. I have been thinking also on downloading other browsers, althou Firefox is missing some of the features of IE, for now it has been a pretty good browser.



posted on Jun, 26 2004 @ 03:04 PM
link   
I saw parts of Terminator 3 the other day. What if the new virus was one that was totally self-aware, which changed itself everytime you tried to get rid of it?



posted on Jun, 26 2004 @ 03:13 PM
link   

Originally posted by TexasConspiracyNut
What patch? One of the three flaws has none. The April patch only fixed two of the three flaws accociated with this key logging program. The one flaw it seems to me could still infect you if you run IE on Medium Security.

This patch: Security Update for Microsoft Windows (835732) It is this vulnerability that was used to selectively compromise web servers.

The two flaws that affect the Internet Explorer browser, the "Cross-zone Access " & "Local Resource Access," are still un-patched. A good summary is written up at Secunia.



posted on Jun, 26 2004 @ 08:27 PM
link   
Got this from the paper and Microsoft site. Hope this helps. Still no patch for the one. I'm still running IE so I'll check for these files tonite before I pay my bills. Also it seems the Russian server is shut down.

www.chron.com...

"On its Web site, Microsoft said users could search for the files "Kk32.dll" or "Surf.dat" to see if their PCs were infected. The company also suggested that users set their browser security level to high."



new topics




 
0

log in

join