Java snooping viruses | West Coast Ferries Forum

Java snooping viruses Apr 24, 2008 9:28:57 GMT -8

Quote

Post by D'Elete BC in NJ on Apr 24, 2008 9:28:57 GMT -8

Apr 24, 2008 6:07:59 GMT -8 Northern Exploration said:

BCinNJ has asked me to post this for him. Seems he is having problems with his "end". His gastro-intestinal issues asside

and frankly TMI here you go.

www.shippingtimes.co.uk/item_10018.html

*oops the problem at his end are Java related and not the Starbucks kind. He also is cautioning about Java snoop programs so be careful what you open over the next while.

LOL...well, no comment on my blockage issue...on to the other issue...Java snooping viruses, please practice safe Java-ing:

www.cbc.ca/technology/story/2008/04/23/tech-hacking.html

Hundreds of thousands of popular websites hacked: report
Last Updated: Wednesday, April 23, 2008 | 6:42 PM ET

Hundreds of thousands of legitimate websites, including some United Nations and U.K. government sites, have been compromised by hackers looking to steal user information, according to an internet security firm.

The hackers, believed by Websense Inc. to be the same group responsible for breaking into the 2007 Super Bowl website, have been using a JavaScript injection attack on hundreds of thousands of websites since Tuesday.

When a user navigates to a compromised site the injected JavaScript loads a file into the user's browser, which then uses eight different exploits that target Microsoft applications, Websense said. The exploits then allow the attackers to steal user information.

Affected sites included at least one from the UN's International Monetary Fund, as well as the U.K.'s civil service recruitment website.

"This attack seeks to exploit users who trust that their favourite, legitimate websites are safe," said Dan Hubbard, vice-president of security research at Websense, in a statement. "Unfortunately, we believe that attacks that target popular websites — those with the most unique visitors — will be on the rise."

By infecting hundreds of thousands of popular sites at the same time, attackers only need a few hours to net a large number of victims, Websense said.

The company said the new "well-orchestrated, widespread" attacks are similar to those detected in March, which infected a number of well-known websites — U.S. news websites, a major Israeli shopping portal and numerous travel sites — with malicious links.

In addition to the new sites targeted, the hackers have also gone after those infected in March that have not yet been cleaned of the malicious code, the company said.

The attack is also similar to one that infected the website of Dolphin Stadium in February 2007, leading Websense to believe the same group is responsible.