It looks like you're using an Ad Blocker.
Please white-list or disable AboveTopSecret.com in your ad-blocking tool.
Thank you.
Some features of ATS will be disabled while you continue to use an ad-blocker.
SCI/TECH: Thousands of sites affected in large scale web attack
page: 10
share:
Govenrment and industry agencies warned on thursday on a mysterious web attack against thousands of popular websites.
Authorities warn of large-scale Net attack
�Users should be aware that any Web site, even those that may be trusted by the user, may be affected by this activity and thus contain potentially malicious code,� the government warned in one Internet alert.
Web server software targeted
The mysterious infection appeared to target at least one recent version of software by Microsoft Corp. to operate Web sites, called Internet Information Server 5. The software is popular among businesses and organizations.
"Compromised sites are appending JavaScript to the bottom of Web pages," the government alert reported. "When executed, this JavaScript attempts to access a file hosted on another server. This file may contain malicious code that can affect the end user's system."
Please visit the link provided for the complete story.
The code allows hackers to use infected computers to route internet spam e-mails.
Related News
Compromised Web Sites Infect Web Surfers
IIS 5 Web Server Compromises
[edit on 25-6-2004 by John bull 1]
[edit on 25-6-2004 by Banshee]
Authorities warn of large-scale Net attack
�Users should be aware that any Web site, even those that may be trusted by the user, may be affected by this activity and thus contain potentially malicious code,� the government warned in one Internet alert.
Web server software targeted
The mysterious infection appeared to target at least one recent version of software by Microsoft Corp. to operate Web sites, called Internet Information Server 5. The software is popular among businesses and organizations.
"Compromised sites are appending JavaScript to the bottom of Web pages," the government alert reported. "When executed, this JavaScript attempts to access a file hosted on another server. This file may contain malicious code that can affect the end user's system."
Please visit the link provided for the complete story.
The code allows hackers to use infected computers to route internet spam e-mails.
Related News
Compromised Web Sites Infect Web Surfers
IIS 5 Web Server Compromises
[edit on 25-6-2004 by John bull 1]
[edit on 25-6-2004 by Banshee]
I hope ATS doesn't get infected by this virus
[edit on 25-6-2004 by bartholomeo]
[edit on 25-6-2004 by bartholomeo]
[edit on 25-6-2004 by bartholomeo]
[edit on 25-6-2004 by bartholomeo]
The dirty little secret never admitted by these websites who get hacked due to MS flaws is this:
Microsoft constantly updates patches for security reasons. The fact is that some webmasters, like many private MS users, don't update their software promptly when Microsoft sends a notice of the available patch.
If you haven't updated Windows XP, etc.,go now to: v4.windowsupdate.microsoft.com...
Failure to keep up with the available patches is like leaving your back door unlocked in a bad neighborhood.
www.onealclan.com (Bible Code Website)
Microsoft constantly updates patches for security reasons. The fact is that some webmasters, like many private MS users, don't update their software promptly when Microsoft sends a notice of the available patch.
If you haven't updated Windows XP, etc.,go now to: v4.windowsupdate.microsoft.com...
Failure to keep up with the available patches is like leaving your back door unlocked in a bad neighborhood.
www.onealclan.com (Bible Code Website)
On a bit of a tangent...with this being hyped to be the 'Summer of Terror' and all, couldn't this be the first volley in an attempt to create a
mass DDoS attack which could cripple the 'net? I only think of it because a crippled internet trickles down into IP phone systems, Police and
Emergency Dispatch Systems, Cell Phone and Text Message Networks, etc. and such a crippling would be very helpful in amplifying casualties found at a
standard attack site by confusing the efforts to aid the attacked.
Originally posted by bartholomeo
I hope ATS doesn't get infected by this virus
[edit on 25-6-2004 by bartholomeo]
[edit on 25-6-2004 by bartholomeo]
If i recall ATS is run on a Linux based Server...it doesnt have IIS.
There is no patch!
Quote from article:
"The infection appears to take advantage of three separate flaws with Microsoft Corp. products. Microsoft said software updates to fix two of them had been released in April, but the third flaw was newly discovered and had no patch to fix it yet".
Use a different browser until the patch comes out that uses Sun JAVA and turn off JAVA in IE or better yet change your security setting to high. Mac users aren't affected.
I have several browsers on my machine. I think I'll try Opera for a while.
Quote from article:
"The infection appears to take advantage of three separate flaws with Microsoft Corp. products. Microsoft said software updates to fix two of them had been released in April, but the third flaw was newly discovered and had no patch to fix it yet".
Use a different browser until the patch comes out that uses Sun JAVA and turn off JAVA in IE or better yet change your security setting to high. Mac users aren't affected.
I have several browsers on my machine. I think I'll try Opera for a while.
Until today, the news has reported that several popular websites had been compromised and used to distribute the trojan code to users who browed their
sites but had not named the sites affected.
The Mercury News has finally put names to those sites.
In a new cyberattack that spread across the Internet on Friday, computer hackers used popular Web sites such as eBay, Earthlink and Yahoo to secretly transmit a program onto PCs that records personal data like passwords and credit card numbers.
Please visit the link provided for the complete story.
I am really taken aback to find that high profile sites such as eBay, Earthlink and Yahoo would not have applied a security patch suppled by Microsoft back in April that would have prevented the hacks of their web servers. This story gets scarier as the details come to light.
In a new cyberattack that spread across the Internet on Friday, computer hackers used popular Web sites such as eBay, Earthlink and Yahoo to secretly transmit a program onto PCs that records personal data like passwords and credit card numbers.
Please visit the link provided for the complete story.
I am really taken aback to find that high profile sites such as eBay, Earthlink and Yahoo would not have applied a security patch suppled by Microsoft back in April that would have prevented the hacks of their web servers. This story gets scarier as the details come to light.
What patch? One of the three flaws has none. The April patch only fixed two of the three flaws accociated with this key logging program. The one
flaw it seems to me could still infect you if you run IE on Medium Security.
I am running Firefox right now, IE has too many flaws. I have been thinking also on downloading other browsers, althou Firefox is missing some of the
features of IE, for now it has been a pretty good browser.
I saw parts of Terminator 3 the other day. What if the new virus was one that was totally self-aware, which changed itself everytime you tried to get
rid of it?
Originally posted by TexasConspiracyNut
What patch? One of the three flaws has none. The April patch only fixed two of the three flaws accociated with this key logging program. The one flaw it seems to me could still infect you if you run IE on Medium Security.
This patch: Security Update for Microsoft Windows (835732) It is this vulnerability that was used to selectively compromise web servers.
The two flaws that affect the Internet Explorer browser, the "Cross-zone Access " & "Local Resource Access," are still un-patched. A good summary is written up at Secunia.
Got this from the paper and Microsoft site. Hope this helps. Still no patch for the one. I'm still running IE so I'll check for these files
tonite before I pay my bills. Also it seems the Russian server is shut down.
www.chron.com...
"On its Web site, Microsoft said users could search for the files "Kk32.dll" or "Surf.dat" to see if their PCs were infected. The company also suggested that users set their browser security level to high."
www.chron.com...
"On its Web site, Microsoft said users could search for the files "Kk32.dll" or "Surf.dat" to see if their PCs were infected. The company also suggested that users set their browser security level to high."
new topics
-
Las Vegas UFO Spotting Teen Traumatized by Demon Creature in Backyard
Aliens and UFOs: 2 hours ago -
2024 Pigeon Forge Rod Run - On the Strip (Video made for you)
Automotive Discussion: 3 hours ago -
Gaza Terrorists Attack US Humanitarian Pier During Construction
Middle East Issues: 3 hours ago -
The functionality of boldening and italics is clunky and no post char limit warning?
ATS Freshman's Forum: 4 hours ago -
Meadows, Giuliani Among 11 Indicted in Arizona in Latest 2020 Election Subversion Case
Mainstream News: 5 hours ago -
Massachusetts Drag Queen Leads Young Kids in Free Palestine Chant
Social Issues and Civil Unrest: 5 hours ago -
Weinstein's conviction overturned
Mainstream News: 7 hours ago -
Supreme Court Oral Arguments 4.25.2024 - Are PRESIDENTS IMMUNE From Later Being Prosecuted.
Above Politics: 8 hours ago -
Krystalnacht on today's most elite Universities?
Social Issues and Civil Unrest: 8 hours ago -
Chris Christie Wishes Death Upon Trump and Ramaswamy
Politicians & People: 9 hours ago
top topics
-
Krystalnacht on today's most elite Universities?
Social Issues and Civil Unrest: 8 hours ago, 9 flags -
Supreme Court Oral Arguments 4.25.2024 - Are PRESIDENTS IMMUNE From Later Being Prosecuted.
Above Politics: 8 hours ago, 8 flags -
Weinstein's conviction overturned
Mainstream News: 7 hours ago, 7 flags -
University of Texas Instantly Shuts Down Anti Israel Protests
Education and Media: 11 hours ago, 6 flags -
Meadows, Giuliani Among 11 Indicted in Arizona in Latest 2020 Election Subversion Case
Mainstream News: 5 hours ago, 5 flags -
Gaza Terrorists Attack US Humanitarian Pier During Construction
Middle East Issues: 3 hours ago, 4 flags -
Massachusetts Drag Queen Leads Young Kids in Free Palestine Chant
Social Issues and Civil Unrest: 5 hours ago, 4 flags -
Las Vegas UFO Spotting Teen Traumatized by Demon Creature in Backyard
Aliens and UFOs: 2 hours ago, 2 flags -
Chris Christie Wishes Death Upon Trump and Ramaswamy
Politicians & People: 9 hours ago, 2 flags -
Any one suspicious of fever promotions events, major investor Goldman Sachs card only.
The Gray Area: 13 hours ago, 2 flags
active topics
-
Meadows, Giuliani Among 11 Indicted in Arizona in Latest 2020 Election Subversion Case
Mainstream News • 10 • : chr0naut -
Supreme Court Oral Arguments 4.25.2024 - Are PRESIDENTS IMMUNE From Later Being Prosecuted.
Above Politics • 75 • : Vermilion -
University student disciplined after saying veganism is wrong and gender fluidity is stupid
Education and Media • 50 • : watchitburn -
VP's Secret Service agent brawls with other agents at Andrews
Mainstream News • 55 • : CarlLaFong -
Cats Used as Live Bait to Train Ferocious Pitbulls in Illegal NYC Dogfighting
Social Issues and Civil Unrest • 23 • : Ravenwatcher -
-@TH3WH17ERABB17- -Q- ---TIME TO SHOW THE WORLD--- -Part- --44--
Dissecting Disinformation • 680 • : 777Vader -
Is there a hole at the North Pole?
ATS Skunk Works • 40 • : Oldcarpy2 -
Fossils in Greece Suggest Human Ancestors Evolved in Europe, Not Africa
Origins and Creationism • 89 • : whereislogic -
University of Texas Instantly Shuts Down Anti Israel Protests
Education and Media • 197 • : NorthOS -
Candidate TRUMP Now Has Crazy Judge JUAN MERCHAN After Him - The Stormy Daniels Hush-Money Case.
Political Conspiracies • 790 • : Oldcarpy2
0