Windows ‘Scob’ virus designed to steal financial data, passwords; Macintosh unaffected

“A potentially dangerous Internet attack on personal computers by a virus designed to steal financial data and passwords from Web users rippled across the Internet on Friday, computer security experts said,” Duncan Martell reports for Reuters. “The attack, which surfaced earlier this week and is known as the “Scob” outbreak, exploits a vulnerability in servers using a version of Microsoft Corp.’s IIS software, and has been called more dangerous than the recent ‘Sasser’ and ‘Blaster’ infections.”

“The infected servers in turn exploit another vulnerability in Microsoft’s Internet Explorer browser to install a Trojan Horse virus on the PCs of Web surfers who visit the infected Web sites, said Alfred Huger, senior director of engineering at Internet security company Symantec Corp.,” Martell reports. “‘All of this takes place while it looks like you’re viewing the same Web page,’ Huger said. ‘You don’t even know that parts of your browser have been redirected to another Web site.'”

“The U.S. Computer Emergency Readiness team warned on its Web site that ‘any Web site, even those that may be trusted by the user, may be affected by this activity and thus contain potentially malicious code.’ The Trojan Horse places a keystroke logger on users’ PCs and is designed to capture credit card numbers and passwords and send them back to a server in Russia, said Michael Murray, director of vulnerability and exposure at computer security firm nCircle Network Security,” Martell reports.

“The attack is more alarming than most because there are no patches available yet from Microsoft to fix the vulnerability in Internet Explorer that lets the hackers take control of computers, security researchers said… The Macintosh version of Internet Explorer is not affected, nor are non-Microsoft browsers such as Mozilla, Opera and Apple Computer Inc.’s Safari browser, security experts said,” Martell reports.

Full article here.

MacDailyNews Take: The headline pretty much says it all. For Windows-only readers interested in information about smoothly adding a Mac to your computing arsenal (so you can surf the Internet with impunity), please click here.


  1. ’cause when they buy a new PC that is the first thing that launches. Why do you think it is prime real estate on the desktop? Even if these users switch to a Mac, they have been “assimilated” and continues to use it. Bill’s plan in action.
    does not matter that is the greatest POS software out there.

  2. Why do people use windows Internet Explorer, whats so great about it?

    Ever wonder what the term Killer App means? Well MSIE is a triple-entendre:
    1) Popular application which motivates someone to purchase a personal computer to use it.
    2) By giving MSIE away for free, MS undercut the sales model for and took marketshare from Netscape Navigator/Communicator.
    3) By acting as a host for myriad virii, worms, trojan horses and popups, MSIE effectively kills the usefulness of your personal computer.

    Put that in your satellite and launch it! Beep! Beep!

  3. If they buy a new Mac Internet Explorer is’nt even installed – they wall have to use Safary.

    Besides – Microsoft has announced i is stopping development of Internet Explorer for mac and PC.

    I assume this is because ‘longshit’ will have a ‘new’ browser which will be a direct copy of Safari/Camino and all the other best browsers!

  4. Sorry to be so repetitive, but it wil be worth it if it saves one hapless soul from doom.

    Users of Internet Explorer on Windows:

    Dump your browser, trash it — immediately (download Firefox first). This could save you a world of grief!

    Change your bank accounts, your email, your credit card numbers too — they have been compromised. Your data is sitting on some database somewhere along with that of your family and friends, ready for one mass-multiple fraud transaction by organized crime before they retire to the good life with your retirement assets. DO IT QUICK

    And consider changing your name and address too. You may not be who you think you are anymore.

  5. More info:

    “It’s demonstrating the evolution and the constant innovation in the hacking and virus community,” said Chris Kraft, a senior security analyst at antivirus software vendor Sophos Inc.

    The new attack affects only computers running software from Microsoft Corp., specifically the Windows operating system and the Internet Explorer browser, and Web servers using Microsoft’s Internet Information Server.

    Unknown vandals exploited a flaw in the server that let them install a piece of code onto a Web page. This code is written in a simple programming language called Javascript, and vulnerable Internet Explorer browsers will run the program automatically. The program orders the browser to visit another website, without displaying the site on the computer user’s screen. This second website contains a malicious computer program called xxx.php, which is downloaded onto the visitor’s computer without his knowledge.

    . . . . . . . . . .

    Stephen Toulouse, program manager at Microsoft’s security response center, said his company’s engineers still don’t fully understand what the program does, but he added, “We do know in some cases it tries to capture information.”

  6. aw look at that there is another virus on miicrosoft and mac is un effected. so what did myit teacher sad that mac are useless, slow and you cant do anything on them, ye right, like windows any better.
    maybe oe day there will be a virus that would shut down whole of the windows 😀 ?

  7. In reply to solarflare:
    Besides all the misspellings this info is still incorrect.

    “If they buy a new Mac Internet Explorer is’nt even installed – they wall have to use Safary.”
    – Wrong, IE still comes loaded on new Macs.

    “Besides – Microsoft has announced i is stopping development of Internet Explorer for mac and PC.”
    – Wrong again. They are stopping development of IE for Mac.

    – They still will be using IE in Longhorn.

    “I assume this is because ‘longshit’ will have a ‘new’ browser which will be a direct copy of Safari/Camino and all the other best browsers!”
    – Wrong again, they will still be using IE, and although they are adding Block Pop-Ups, and a new Download Manager, the rest looks like crap. Also does not look like it has tabs.
    MS still years behind.

  8. Oh, Secunia…. wherefore art thou? Don’t have a fix for this? Why not? Spending too much time focusing on finding <potential> security issues with the Mac OS that have produced not a single disabled computer to date while M$ machines continue to swim in a sea of trojans/virii/worm exploits that are now of the Titanic type? Looks like you’re missing the boat, here, Secunia…

  9. I must share my observations…

    As I pass through the “academic” and “IT” world the overwhelming message is to create online applications for the .NET framework and MSIE. Of course the applications must run on a IIS Windows server. These two communities have invested all of their shared resources (knowledge and financial) in the Microsoft arena.

    The most interesting portion is if you bring up any concepts outside of MS they freak-out. Change scares the pants off of these people more then the reality that the system them base their careers on is flawed.

    Perhaps as more and more of the IT world have their home machines destroyed just by surfing they may begin to realize the folly they are living…

    … a side note the only troubleshooting help I give my PC friends any more is..

    1. Buy a Mac
    2. Trash IE

    for everything else you are on your own…

  10. It is starting to have a real effect. I just got an IM from my PC using sister. She asked what I knew about Opera and I recommended that she also look at firefox. Then she said that if she the money, she would seriously consider buying a Mac.

    At the very least, I believe the days of IE dominating the browser landscape are numbered. My sister is in no way tech savvy though she does know quite a bit about using her Windows box. The fact that she is looking for alternatives is very striking to me.

  11. I just spent the morning removing IE and Outlook Express from my wife’s Dell laptop, and replacing them with Firefox and Thunderbird, respectively. If M$ isn’t going to fix their non-standard, non-secure OEM software, she’s not going to use it.

    Now, if only I could replace XP with OSX…

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.