May 25, 2012 - 05:30 PM EDT — AAPL: 562.29 (-3.03, -0.54%) | NASDAQ: 2837.53 (-1.85, -0.07%)

Windows ‘Scob’ virus designed to steal financial data, passwords; Macintosh unaffected

Saturday, June 26, 2004 · 12:05 am · 45 Comments

“A potentially dangerous Internet attack on personal computers by a virus designed to steal financial data and passwords from Web users rippled across the Internet on Friday, computer security experts said,” Duncan Martell reports for Reuters. “The attack, which surfaced earlier this week and is known as the “Scob” outbreak, exploits a vulnerability in servers using a version of Microsoft Corp.’s IIS software, and has been called more dangerous than the recent ‘Sasser’ and ‘Blaster’ infections.”

“The infected servers in turn exploit another vulnerability in Microsoft’s Internet Explorer browser to install a Trojan Horse virus on the PCs of Web surfers who visit the infected Web sites, said Alfred Huger, senior director of engineering at Internet security company Symantec Corp.,” Martell reports. “‘All of this takes place while it looks like you’re viewing the same Web page,’ Huger said. ‘You don’t even know that parts of your browser have been redirected to another Web site.’”

“The U.S. Computer Emergency Readiness team warned on its Web site that ‘any Web site, even those that may be trusted by the user, may be affected by this activity and thus contain potentially malicious code.’ The Trojan Horse places a keystroke logger on users’ PCs and is designed to capture credit card numbers and passwords and send them back to a server in Russia, said Michael Murray, director of vulnerability and exposure at computer security firm nCircle Network Security,” Martell reports.

“The attack is more alarming than most because there are no patches available yet from Microsoft to fix the vulnerability in Internet Explorer that lets the hackers take control of computers, security researchers said… The Macintosh version of Internet Explorer is not affected, nor are non-Microsoft browsers such as Mozilla, Opera and Apple Computer Inc.’s Safari browser, security experts said,” Martell reports.

Full article here.

MacDailyNews Take: The headline pretty much says it all. For Windows-only readers interested in information about smoothly adding a Mac to your computing arsenal (so you can surf the Internet with impunity), please click here.

Categories: MacDailyNews, News

Thank You for supporting MacDailyNews!

♥ Adobe Photoshop CS6 Extended for Mac - Student and Teacher Edition DVD (65171323) only $249!
♥ Blowout: Apple 15.4" MacBook Pro i7/4Core/2.0GHz/4GB/500GB (MC721LL/A) only $1,549.99 + Free Shipping from MacMall
♥ Mac Madness Save 25% on Parallels Desktop 7!
♥ 15% Off Compatible Ink. 10% Off All Others (excludes OEMs). Free Shipping over $55. Coupon: 123BLOSSOM, Expires 6.18.12
♥ Save up to 60% at the Hammacher Schlemmer Special Values Sale-While supplies last.
♥ Dragon Dictate for Mac 2.5 - New! Simply Smarter Speech Recognition
♥ Up to 30% OFF Accessories from Verizon Wireless
♥ Limited Time Offer: Get free ZAGGsmartbuds when you buy a ZAGGsparq!

Comment Feed

45 Comments

1 2 3 Next »

Anonymous

Saturday, June 26, 2004 - 1:17 am · Reply

Why do people use windows Internet Explorer, whats so great about it?
tell you why

Saturday, June 26, 2004 - 1:26 am · Reply

’cause when they buy a new PC that is the first thing that launches. Why do you think it is prime real estate on the desktop? Even if these users switch to a Mac, they have been “assimilated” and continues to use it. Bill’s plan in action.
does not matter that is the greatest POS software out there.
1

Saturday, June 26, 2004 - 1:27 am · Reply

Absolutely nothing. Say it again! Nothing. Huh!
hubert

Saturday, June 26, 2004 - 1:45 am · Reply

my friend bobby told me that he stole his neighbors credit card. tomorrow hes going to buy a g5
billy "the wang" wangerman

Saturday, June 26, 2004 - 2:05 am · Reply

I just drop the kids off at the pool. Those little scobs.
spotnik

Saturday, June 26, 2004 - 2:18 am · Reply

Why do people use windows Internet Explorer, whats so great about it?

Ever wonder what the term Killer App means? Well MSIE is a triple-entendre:
1) Popular application which motivates someone to purchase a personal computer to use it.
2) By giving MSIE away for free, MS undercut the sales model for and took marketshare from Netscape Navigator/Communicator.
3) By acting as a host for myriad virii, worms, trojan horses and popups, MSIE effectively kills the usefulness of your personal computer.

Put that in your satellite and launch it! Beep! Beep!
solarflare

Saturday, June 26, 2004 - 2:53 am · Reply

If they buy a new Mac Internet Explorer is’nt even installed – they wall have to use Safary.

Besides – Microsoft has announced i is stopping development of Internet Explorer for mac and PC.

I assume this is because ‘longshit’ will have a ‘new’ browser which will be a direct copy of Safari/Camino and all the other best browsers!
Less is More

Saturday, June 26, 2004 - 3:05 am · Reply

Sorry to be so repetitive, but it wil be worth it if it saves one hapless soul from doom.

Users of Internet Explorer on Windows:

• Dump your browser, trash it — immediately (download Firefox first). This could save you a world of grief!

• Change your bank accounts, your email, your credit card numbers too — they have been compromised. Your data is sitting on some database somewhere along with that of your family and friends, ready for one mass-multiple fraud transaction by organized crime before they retire to the good life with your retirement assets. DO IT QUICK

• And consider changing your name and address too. You may not be who you think you are anymore.
More is More

Saturday, June 26, 2004 - 3:22 am · Reply

More info:

“It’s demonstrating the evolution and the constant innovation in the hacking and virus community,” said Chris Kraft, a senior security analyst at antivirus software vendor Sophos Inc.

The new attack affects only computers running software from Microsoft Corp., specifically the Windows operating system and the Internet Explorer browser, and Web servers using Microsoft’s Internet Information Server.

Unknown vandals exploited a flaw in the server that let them install a piece of code onto a Web page. This code is written in a simple programming language called Javascript, and vulnerable Internet Explorer browsers will run the program automatically. The program orders the browser to visit another website, without displaying the site on the computer user’s screen. This second website contains a malicious computer program called xxx.php, which is downloaded onto the visitor’s computer without his knowledge.

. . . . . . . . . .

Stephen Toulouse, program manager at Microsoft’s security response center, said his company’s engineers still don’t fully understand what the program does, but he added, “We do know in some cases it tries to capture information.”
artiom

Saturday, June 26, 2004 - 5:22 am · Reply

aw look at that there is another virus on miicrosoft and mac is un effected. so what did myit teacher sad that mac are useless, slow and you cant do anything on them, ye right, like windows any better.
maybe oe day there will be a virus that would shut down whole of the windows ?
MacDust

Saturday, June 26, 2004 - 6:39 am · Reply

In reply to solarflare:
Besides all the misspellings this info is still incorrect.

“If they buy a new Mac Internet Explorer is’nt even installed – they wall have to use Safary.”
- Wrong, IE still comes loaded on new Macs.

“Besides – Microsoft has announced i is stopping development of Internet Explorer for mac and PC.”
- Wrong again. They are stopping development of IE for Mac.
http://www.microsoft.com/mac/products/internetexplorer/internetexplorer.aspx?pid=faq#features

- They still will be using IE in Longhorn.
http://www.osnews.com/story.php?news_id=5389

“I assume this is because ‘longshit’ will have a ‘new’ browser which will be a direct copy of Safari/Camino and all the other best browsers!”
- Wrong again, they will still be using IE, and although they are adding Block Pop-Ups, and a new Download Manager, the rest looks like crap. Also does not look like it has tabs.
MS still years behind.

http://www.osnews.com/story.php?news_id=5389
BuriedCaesar

Saturday, June 26, 2004 - 10:08 am · Reply

Oh, Secunia…. wherefore art thou? Don’t have a fix for this? Why not? Spending too much time focusing on finding <potential> security issues with the Mac OS that have produced not a single disabled computer to date while M$ machines continue to swim in a sea of trojans/virii/worm exploits that are now of the Titanic type? Looks like you’re missing the boat, here, Secunia…
five-o

Saturday, June 26, 2004 - 11:53 am · Reply

I must share my observations…

As I pass through the “academic” and “IT” world the overwhelming message is to create online applications for the .NET framework and MSIE. Of course the applications must run on a IIS Windows server. These two communities have invested all of their shared resources (knowledge and financial) in the Microsoft arena.

The most interesting portion is if you bring up any concepts outside of MS they freak-out. Change scares the pants off of these people more then the reality that the system them base their careers on is flawed.

Perhaps as more and more of the IT world have their home machines destroyed just by surfing they may begin to realize the folly they are living…

… a side note the only troubleshooting help I give my PC friends any more is..

1. Buy a Mac
or
2. Trash IE

for everything else you are on your own…

�
jdb

Saturday, June 26, 2004 - 1:17 pm · Reply

It is starting to have a real effect. I just got an IM from my PC using sister. She asked what I knew about Opera and I recommended that she also look at firefox. Then she said that if she the money, she would seriously consider buying a Mac.

At the very least, I believe the days of IE dominating the browser landscape are numbered. My sister is in no way tech savvy though she does know quite a bit about using her Windows box. The fact that she is looking for alternatives is very striking to me.
rogozhin

Saturday, June 26, 2004 - 1:50 pm · Reply

I just spent the morning removing IE and Outlook Express from my wife’s Dell laptop, and replacing them with Firefox and Thunderbird, respectively. If M$ isn’t going to fix their non-standard, non-secure OEM software, she’s not going to use it.

Now, if only I could replace XP with OSX…
solid

Saturday, June 26, 2004 - 1:56 pm · Reply

“As I pass through the “academic” and “IT” world the overwhelming message is to create online applications for the .NET framework and MSIE. Of course the applications must run on a IIS Windows server. These two communities have invested all of their shared resources (knowledge and financial) in the Microsoft arena.”

I thought the same thing at my Fortune 500 company, but somehow, amazingly, incredibly, development direction changed from .Net to J2EE/IBM Websphere, along with an increased emphasis on Unix. Now we’ll see how pissed off Gates and Ballmer are and if they’ll play hardball.

No word about Mac OS X Server, but at least it’s a move in the right direction.
Jack A

Saturday, June 26, 2004 - 3:05 pm · Reply

Just glad to be on a Mac, the “Zero Tolerance for crapware” Platform.

Great article on why Macs are more secure:

http://daringfireball.net/2004/06/broken_windows
Aryugaetu

Saturday, June 26, 2004 - 3:10 pm · Reply

Copies of copies… geeeesh!!!

MDN: I think it is very poor journalism to point to an article that is merely a copy of the original. Give credit where it is really due, to the originator!!

The ORIGINAL article is at Reuters.com by Duncan Martell.
Specifically, it’s at…
http://www.reuters.com/newsArticle.jhtml;jsessionid=5QSU1NPZJXVNSCRBAEOCFFA?type=technologyNews&storyID=5519887

MDN: I think it is very poor journalism to point to an article that is merely a copy of the original. Give credit where it is really due, to the originator!!
Red Wings

Saturday, June 26, 2004 - 3:13 pm · Reply

Seems like free alternate browsers need to be better advertised on web pages. Also it might be a good story for news networks, but they probably wont carry the story since theyre mostly idiots and MS apologists.
Anonymous

Saturday, June 26, 2004 - 3:22 pm · Reply

Aryugaetu-
thats why its has ” ” ‘s around the whole thing and it has a link to the full article