New virus eyes financial data
2004-06-27 20:38
New York - A computer virus designed to steal valuable information like passwords spread on Friday through a new technique that converted popular websites into virus transmitters.
Though the impact of the "Scob" outbreak was mild compared with recent infections like "Sasser" and "Blaster," security experts worried about its method of delivery.
With Scob, virus writers have discovered yet another way, beyond e-mail and network techniques, of distributing their malicious code.
Now that the exploit is out, it won't be long before others adapt it for spamming and for launching broad attacks to cripple the internet, said Alfred Huger, senior director of engineering at security company Symantec Corp.
The infection, first discovered by Microsoft on Thursday, appears to take advantage of three separate flaws with Microsoft products and can be difficult to detect.
Stephen Toulouse, a security program manager at Microsoft, said software updates to fix two of them had been released in April, but the third flaw was newly discovered and had no patch available yet.
He recommended that computer owners obtain the latest security updates for Microsoft products and their anti-virus and firewall programs. For the flaw that lacks a patch, he said, users should also turn up security settings on Microsoft's Internet Explorer browsers to the highest levels.
Users could also turn off the "JavaScript" feature on their Microsoft browsers, though doing so could cripple functions on some sites.
The virus does not affect Macintosh versions of Internet Explorer, nor does it spread through non-Microsoft browsers like Mozilla and Opera.
Users can search their computers for the files "Kk32.dll" or "Surf.dat" to see if they are infected. Removal tools are available from major anti-virus vendors.
Experts said the infection was unusually broad but wasn't substantially interfering with internet traffic.
- AP