“Hackers sent a chill across the Web last week when they engineered a way to take over Microsoft-designed Web servers [IIS] to spread a virus onto Windows PCs. The virus was planted on Windows computers when they visited Web sites that had been attacked. Macintosh computers were not affected…,” Al Fasoldt reports for The Syracuse Post-Standard.
“The breach in IIS security is considered extremely grave, considering the way hackers forced the IIS systems to become virus servers. Basically, when a Windows PC running Internet Explorer asked for a page from one of the hacked Web sites, it got both the page and the Scob Trojan at the same time. There was no outward sign that anything was amiss. Internet experts pointed out that the infected Web sites were all standard sites – all ‘trusted sites,’ in the words of one of the security experts,” Fasoldt reports. “… [The Scob Trojan works by] logging keystrokes on the infected Windows computer with the aim of collecting passwords and financial data.”
“This much was known as of midweek: Only Windows computers are affected… if they use Internet Explorer… There is no fix for the problem as of yet… The version of Internet Explorer used on Macintosh computers is safe. Apple Computer’s own browser, Safari, is also safe. Apple’s Macintoshes do not work the way Windows computers do, and viruses aren’t able to get the same kind of foothold on Macs… Web servers other than IIS were not vulnerable to this attack,” Fasoldt reports.
Full article here.