another virus alert

Discussion in 'Chit Chat' started by Kathleen12, Apr 2, 2008.

  1. Kathleen12

    Kathleen12 New Member

    I read this on my diabetes board and pasted this here. Be careful everyone.

    By Byron Acohido and Jon Swartz, USA TODAY
    Cybercrooks are manipulating the computer code used to put the pizazz in millions of websites in hopes of taking over unsuspecting consumers' PCs.
    The vulnerability occurs when someone does a Google search, then clicks on a result that has been secretly tainted by hackers. They will usually be taken to the Web page they expect. But at the same time, they are invisibly redirected to a computer server that installs a hidden program.

    This program enables hackers to use the PC to spread spam and carry out scams. Typically, it also lets the attacker embed a keystroke logger, which collects and transmits your passwords and any other sensitive data you type online.

    Any website indexed by Google (GOOG) that fails to carefully handle JavaScript — the coding that activates many cool Web features, such as changing the color of a button when someone mouses over it — is a potential target. That's seven in 10 sites, says tech security firm WhiteHat Security. Hackers have discovered ways to trick the website application to run malicious JavaScripts.

    "We're in a phase where one or two smart guys are attacking a few dozen major websites," says David Dewey, manager of IBM's X-Force security division. "In the next few weeks I would expect to see copycats attacking hundreds of high-profile websites."

    Attackers have secretly corrupted Google results that direct traffic to Wired, CNet,,, ZDNet Asia, and many universities, says Dancho Danchev, a Netherlands-based security researcher, and Finjan Software, an Israeli security firm.
    Most Google search results are safe. But in March alone Dewey and other security researchers found several hundred thousand corrupted Web pages returned in common Google search queries. They fear crime groups have just begun to take advantage.

    Google issued a statement saying it is helping affected websites fix the problem and is also developing new tools "to detect and block" malicious Web pages.

    Security experts say consumers can protect themselves by keeping anti-virus subscriptions and software updates current. Running an anti-virus scan may help repair infected PCs, although more serious fixes may be necessary.

    Spokespeople for and Wired said each blocked the attacks as soon as they were discovered. CNet, owner of and ZDNet Asia, declined to comment. did not respond to queries.

    "It should be the responsibility of the website operators to stop exposing people to risk as soon as possible," says Billy Hoffman, a security researcher at Hewlett-Packard. Gail Hillebrand, senior attorney at Consumers Union, agrees.

    Attackers have taken advantage of JavaScript before, but usually on individual sites. The search engine trick — which has been focused on Google, though it could work on Yahoo and MSN search engines — is new, Danchev says.

    Attackers are thrilled "to capture even a small percent of the traffic" of a big site, Finjan's Yuval Ben-Itzhak says.
  2. fivesue

    fivesue New Member

    by something. My husband, very computer literate, is having a terrible time trying to get rid of it. I will have him read this and see if it might give him a clue what happened.

    Thanks for leaving this up.

  3. victoria

    victoria New Member

    for 'black rayon slacks'... one of the sites hijacked me to a porn site that froze my computer (url sounded legitimate, don't remember tho what it was and not about to try to repeat experience!).

    Doesn't seem to have done any damage other than getting me angry... BUT -that is the very first time that's ever happened to me on google - and for such an innocuous search!

    I guess you never know... I run AVG's free updates and have XP firewall altho I've had problems (prior to the above hijacking) suddenly being able to download pdf documents. (also been having problems with outlook express sending, gives me an error message even tho it has sent, and I have to hand-delete).

    Sigh, guess after almost 4 years with this computer & no major problems until past 2 months, I'll have to hire someone as I haven't been able to figure it out, and I am lame at this anyway.

    you never know, I guess!