'Survivor' site contains malicious code
Published: 13 May 2004 10:35 BST
A Web site likely to attract fans of the CBS-owned television series Survivor could contain a nasty surprise for its visitors.
The site, owned by a party that has licensed the word "survivor" in a top-level US domain -- not linked to the television network -- today contained a smorgasbord of malicious code embedded in HTML scripts.
A concerned Web user alerted ZDNet Australia about the site after noticing that content on the site had triggered his antivirus software.
Users who visit the site without adequate antivirus protection on their PCs are at risk of being infected by three Trojans coded into scripts maliciously embedded in its content: VBS/Psyme, Debeski and Java Script/IE.startgen.d.
The Trojans take advantage of known exploits in Microsoft ActiveX, Internet Explorer and Java virtual machine.
While antivirus vendors only rank the script Trojans as moderate or low risks, they may be designed to prompt a computer accessing the site to automatically download a secondary payload from another location on the Internet.
At this stage antivirus vendors that ZDNet Australia has approached have not revealed what the payload is, but miscreants have recently contrived similar forms of attack into maliciously designed HTML emails MessageLabs detected this month.
Did you find this article useful?
70 out of 158 people found this useful
- Share this article:
Full Talkback thread
7 comments
-
This information does not do us any good when you... Bob -
Don't you think it's appropriate to provide the na... Anonymous
-
I agree with the above...why don't you put the sit... Chuck Wagon
-
Agreed. Useless article. Kind of like saying the... Idiot Savant
-
I guess nobody at ZD reads the talk back. The sto... Anonymous
-
For those of you wanting to know what the website... Anonymous
-
Seriously. Maybe I went there and am now infected... Anonymous
