Russian Phishing Trojan

Mark Edwards

Late on the 24th of June the activities of a new trojan were discovered on the Internet. Security experts have variously labelled the malicious program Scob, Download.Ject, Toofer or Webber.P.

What does it do?

This is a high-risk trojan that installs itself on vulnerable machines to record the usernames and passwords you type into various sites such as eBay, PayPal and Yahoo. It appears to be programmed to communicate this information to servers in Russia, possibly controlled by organised crime groups.

Who is at risk?

Both website owners and people using Internet Explorer to visit infected sites.

Website owners: According to Microsoft, reports indicate that unpatched Web servers running Windows 2000 Server and IIS are possibly being compromised and used to attempt to infect users of Internet Explorer with malicious code.

Web surfers: You can be infected simply by visiting a site that has been infected with this trojan. Several large and popular sites have been infected, and this could in turn lead to many users being unwittingly infected.

How do I protect myself?

If you are running a Microsoft-based web server in your office, you should ensure that your systems and software are not compromised and are secured against this trojan. If you do not know how to do this yourself, you should contact me directly.

For users of Internet Explorer, Microsoft have further information and advice, including how to tell if you have been infected, at: www.microsoft.com/security/incident/download_ject.mspx

Once again, if you do not know how to do this yourself, you should contact me directly.

