Hackers Use Web Sites, Ads to Infect PCs (Last Weekend's Attack)

Hackers co-opted several popular Web sites including comedycentral.com over the weekend, using them to infect thousands of computers with a virus that can be used to steal passwords, bank accounts and other personal information.

Displaying an increasingly sophisticated approach to online theft, the hackers gained control of a German online advertising services firm and served up thousands of Internet ads designed to send visitors to one of several Web sites where the hackers had installed the virus.

Hackers also can use the virus to plant programs on victims' computers that send out spam, flood monitors with pop-up advertising or attack other Web sites, said security researchers who analyzed the code.

The virus started spreading late Friday when people using some versions of Microsoft's Internet Explorer Web browser visited sites containing the ads, computer security experts said. The ads directed computers to download the virus from several Web sites, including comedycentral.com.

It does not affect computers that contain the Service Pack 2 software upgrade that Microsoft released in August for Windows XP customers. So far, the upgrade has been downloaded approximately 130 million times, according to Microsoft. There are an estimated 200 million XP users worldwide.

http://www.washingtonpost.com/wp-dyn/articles/A7913-2004Nov23.html

I highly recommend this free, efficient, and safer browser from mozilla. com

with the Safari browser, I feel pretty immune from that. It has to be a Windows thing.

GOD!!! You can AVOID this problem almost ENTIRELY by doing two very simple things:

Never, ever click a popup ad on a web page. It's just a bad idea.

and

Never, ever open an email from someone you do not personally know or are not expecting an email from.

I follow those two rules, and the recommended spybot/adaware combo, and I've *stayed* uninfected. And I run Window$.

It uses a vulnerability in Internet Explorer to download and execute crap without you knowing it and it's triggered by visiting a page that has one of those nasty banner ads.

http://www.lurhq.com/iframeads.html

Thank god to first 2 posts, and same 2 browsers.

;)

I spent up 3 hours cleaning out my system. Stupid critical update...stupid win 98.... garr! I wonder what the threshold was for getting users info. When I got infected my anti-virus got it right away, and I did my critical update, updated zonealarm, ran another check and all was good... you think they coulda still got something?

doesn't that mean your PC wasn't infected?

Get it here:
http://www.javacoolsoftware.com/

It blocks malware and spyware from downloading, and blacklists URLs that are known to try sneaky stuff.

Especially useful for preventing OTHER people from causing problems for you when they use your computer.

The answer to most PC Internet problems is right here:
http://www.mozilla.org/products/firefox

The answer to all the rest is found here:
http://www.apple.com

Do the first now; do the second when you can.

"Following an embarrassing leak of its proprietary software over a file transfer protocol site last January, the inner workings of Diebold Election Systems have again been laid bare.

A hacker has come forward with evidence that he broke the security of a private Web server operated by the embattled e- vote vendor, and made off last spring with Diebold's internal discussion-list archives, a software bug database and more software.

The unidentified attacker provided Wired News with an archive containing 1.8 GB of files apparently taken March 2 from a site referred to by the Ohio-based company as its "staff website."

Director of Communications John Kristoff said the stolen files contained "sensitive" information, but he said Diebold is confident that the company's electronic voting system software has not been tampered with."

http://blackboxvoting.com/modules.php?name=News&file=article&sid=42