Windows ‘Scob’ virus designed to steal financial data, passwords; Macintosh unaffected

“A potentially dangerous Internet attack on personal computers by a virus designed to steal financial data and passwords from Web users rippled across the Internet on Friday, computer security experts said,” Duncan Martell reports for Reuters. “The attack, which surfaced earlier this week and is known as the “Scob” outbreak, exploits a vulnerability in servers using a version of Microsoft Corp.’s IIS software, and has been called more dangerous than the recent ‘Sasser’ and ‘Blaster’ infections.”

“The infected servers in turn exploit another vulnerability in Microsoft’s Internet Explorer browser to install a Trojan Horse virus on the PCs of Web surfers who visit the infected Web sites, said Alfred Huger, senior director of engineering at Internet security company Symantec Corp.,” Martell reports. “‘All of this takes place while it looks like you’re viewing the same Web page,’ Huger said. ‘You don’t even know that parts of your browser have been redirected to another Web site.'”

“The U.S. Computer Emergency Readiness team warned on its Web site that ‘any Web site, even those that may be trusted by the user, may be affected by this activity and thus contain potentially malicious code.’ The Trojan Horse places a keystroke logger on users’ PCs and is designed to capture credit card numbers and passwords and send them back to a server in Russia, said Michael Murray, director of vulnerability and exposure at computer security firm nCircle Network Security,” Martell reports.

“The attack is more alarming than most because there are no patches available yet from Microsoft to fix the vulnerability in Internet Explorer that lets the hackers take control of computers, security researchers said… The Macintosh version of Internet Explorer is not affected, nor are non-Microsoft browsers such as Mozilla, Opera and Apple Computer Inc.’s Safari browser, security experts said,” Martell reports.

Full article here.

MacDailyNews Take: The headline pretty much says it all. For Windows-only readers interested in information about smoothly adding a Mac to your computing arsenal (so you can surf the Internet with impunity), please click here.

45 Comments

  1. ’cause when they buy a new PC that is the first thing that launches. Why do you think it is prime real estate on the desktop? Even if these users switch to a Mac, they have been “assimilated” and continues to use it. Bill’s plan in action.
    does not matter that is the greatest POS software out there.

  2. Why do people use windows Internet Explorer, whats so great about it?

    Ever wonder what the term Killer App means? Well MSIE is a triple-entendre:
    1) Popular application which motivates someone to purchase a personal computer to use it.
    2) By giving MSIE away for free, MS undercut the sales model for and took marketshare from Netscape Navigator/Communicator.
    3) By acting as a host for myriad virii, worms, trojan horses and popups, MSIE effectively kills the usefulness of your personal computer.

    Put that in your satellite and launch it! Beep! Beep!

  3. If they buy a new Mac Internet Explorer is’nt even installed – they wall have to use Safary.

    Besides – Microsoft has announced i is stopping development of Internet Explorer for mac and PC.

    I assume this is because ‘longshit’ will have a ‘new’ browser which will be a direct copy of Safari/Camino and all the other best browsers!

  4. Sorry to be so repetitive, but it wil be worth it if it saves one hapless soul from doom.

    Users of Internet Explorer on Windows:

    Dump your browser, trash it — immediately (download Firefox first). This could save you a world of grief!

    Change your bank accounts, your email, your credit card numbers too — they have been compromised. Your data is sitting on some database somewhere along with that of your family and friends, ready for one mass-multiple fraud transaction by organized crime before they retire to the good life with your retirement assets. DO IT QUICK

    And consider changing your name and address too. You may not be who you think you are anymore.

  5. More info:

    “It’s demonstrating the evolution and the constant innovation in the hacking and virus community,” said Chris Kraft, a senior security analyst at antivirus software vendor Sophos Inc.

    The new attack affects only computers running software from Microsoft Corp., specifically the Windows operating system and the Internet Explorer browser, and Web servers using Microsoft’s Internet Information Server.

    Unknown vandals exploited a flaw in the server that let them install a piece of code onto a Web page. This code is written in a simple programming language called Javascript, and vulnerable Internet Explorer browsers will run the program automatically. The program orders the browser to visit another website, without displaying the site on the computer user’s screen. This second website contains a malicious computer program called xxx.php, which is downloaded onto the visitor’s computer without his knowledge.

    . . . . . . . . . .

    Stephen Toulouse, program manager at Microsoft’s security response center, said his company’s engineers still don’t fully understand what the program does, but he added, “We do know in some cases it tries to capture information.”

  6. aw look at that there is another virus on miicrosoft and mac is un effected. so what did myit teacher sad that mac are useless, slow and you cant do anything on them, ye right, like windows any better.
    maybe oe day there will be a virus that would shut down whole of the windows 😀 ?

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.