Authorities warn of large-scale Net attack

Discussion in 'Current Events' started by nycflasher, Jun 25, 2004.

  1. nycflasher
    Offline

    nycflasher Active Member

    Joined:
    Apr 15, 2004
    Messages:
    3,078
    Thanks Received:
    13
    Trophy Points:
    36
    Location:
    CT
    Ratings:
    +14
    Hmm...

    Authorities warn of large-scale Net attack

    Thousands of sites affected by mysterious infection

    By Ted Bridis
    Technology Writer
    The Associated Press

    June 24, 2004 CHICAGO - Government and industry experts warned late Thursday of a mysterious, large-scale Internet attack against thousands of popular Web sites. The viruslike infection tries to implant malicious code onto the computers of all Web site visitors.

    Industry experts and the Homeland Security Department were studying the infection to determine how it spreads across Web sites and find adequate defenses against it.

    “Users should be aware that any Web site, even those that may be trusted by the user, may be affected by this activity and thus contain potentially malicious code,” the government warned in one Internet alert.

    Web server software targeted
    The mysterious infection appeared to target at least one recent version of software by Microsoft Corp. to operate Web sites, called Internet Information Server 5. The software is popular among businesses and organizations.

    "Compromised sites are appending JavaScript to the bottom of Web pages," the government alert reported. "When executed, this JavaScript attempts to access a file hosted on another server. This file may contain malicious code that can affect the end user's system."

    The implanted code apparently allows others to use infected computers to surreptitiously route Internet spam e-mails.

    A spokesman for Microsoft declined to comment immediately. (Microsoft is a partner in the MSNBC joint venture.)

    No Internet slowdown seen
    Experts said the attack’s effects were unusually broad but weren’t substantially interfering with the flow of Internet traffic.

    “While this is significant, it has no impact on the operation of the Internet,” said Marcus Sachs, who helps run the industry’s Internet Storm Center in Bethesda, Md.

    Experts urgently recommended consumers and corporate employees to update the antivirus software on their computers, since the latest versions can immunize visitors to infected Web sites.

    The U.S. Computer Emergency Readiness Team said computer users also could protect themselves by disabling JavaScript in their Web browser software. However, that "may also degrade the appearance and functionality of some Web sites that rely upon JavaScript," the team noted.

    EDIT: source-msnbc

    MSNBC's Alan Boyle contributed to this report.
     
  2. HGROKIT
    Offline

    HGROKIT Active Member

    Joined:
    May 22, 2004
    Messages:
    1,398
    Thanks Received:
    19
    Trophy Points:
    36
    Location:
    Federal Way WA, USA
    Ratings:
    +19
    Hear this onn the news last night. Went ot see if there were patches - alerts etc. None. Did a full update on my virus software - only one update and it was housekeeping in nature.
     
  3. NewGuy
    Online

    NewGuy Guest

    Ratings:
    +0
    There will be GNASHING of teeth worldwide.
     
  4. nycflasher
    Offline

    nycflasher Active Member

    Joined:
    Apr 15, 2004
    Messages:
    3,078
    Thanks Received:
    13
    Trophy Points:
    36
    Location:
    CT
    Ratings:
    +14
    Aside from this story, I haven't really heard anything about this.

    BTW, did you all know that there are 12 servers worldwide that run the web? None of them has ever been hacked.
     
  5. nycflasher
    Offline

    nycflasher Active Member

    Joined:
    Apr 15, 2004
    Messages:
    3,078
    Thanks Received:
    13
    Trophy Points:
    36
    Location:
    CT
    Ratings:
    +14

     
  6. nycflasher
    Offline

    nycflasher Active Member

    Joined:
    Apr 15, 2004
    Messages:
    3,078
    Thanks Received:
    13
    Trophy Points:
    36
    Location:
    CT
    Ratings:
    +14
    oops...keep repeating myself
     
  7. NewGuy
    Online

    NewGuy Guest

    Ratings:
    +0
    They don't "run" the web, and there are more than 12.

    The question is how many servers run IIS.

    IF people used Linux, this item would be a non-issue.

    Since most servers DO run Linux, it IS a non issue.

    -Unless you are a Microsoft user who agrees to let satan into your machine by carelessly clicking on "i agree" all the time because you won't take the responsibility to learn a different OS.
     
  8. Trinity
    Offline

    Trinity VIP Member

    Joined:
    Jun 16, 2004
    Messages:
    1,286
    Thanks Received:
    78
    Trophy Points:
    83
    Ratings:
    +79
    here is an update on that virus


    Security Alert: Source of remote-access Trojan horse identified

    Name: N/A
    Rank: Medium risk
    What it does: Downloads a Trojan horse on your computer via infected Web pages
    Means of transmission: Web pages infected with malicious code
    How to recognize: The presence of a Trojan horse on your PC
    Who is at risk: PC Internet surfers using Internet Explorer

    Security brief

    An attack launched this week by crackers was nipped in the bud on Friday, when Internet engineers managed to shut down a Russian server that had been the source of malicious code for the attack. However, compromised Web sites are still attempting to infect Web surfers' PCs by referring them to the server in Russia, but that computer can no longer be reached.

    Still, Network Administrators should beware as this type of attack is increasingly being used by the Internet underground as a way to get by network defenses and infect officer workers' and home users' computers.

    Internet surfers using Internet Explorer on a PC, by simply visiting certain, infected popular Web sites, may have indirectly downloaded a remote-access Trojan horse (RAT) onto their desktop computers. The RAT may then record keystrokes necessary to log into secure sites and relay that information to remote sources. Microsoft is urging Web sites running on Windows 2000 servers with IIS Version 5.0 to update with the MS04-011 security patch.



    http://techrepublic.com.com/5100-6265_11-5248320.html?tag=e101
     
  9. NewGuy
    Online

    NewGuy Guest

    Ratings:
    +0
    Run Linux.

    [​IMG]
     
  10. lilcountriegal
    Offline

    lilcountriegal Senior Member

    Joined:
    Oct 24, 2003
    Messages:
    1,633
    Thanks Received:
    59
    Trophy Points:
    48
    Location:
    Pennsylvania
    Ratings:
    +59
    I just scanned this thread quickly because viruses are foreign to me. Any mention anywhere of which websites have been infected so far?

    (please please please dont touch my ebay!!!!)
     

Share This Page