Advertisement
Promo

Security threats Toolkit

Auntie used as bait in spyware scheme

Joris Evers CNET News

Published: 31 Mar 2006 09:25 BST

  • Email
  • Trackback
  • Clip Link
  • Print friendly
  • Post Comment

Cybercrooks are sending out spam to trick people into visiting malicious Web sites that exploit a recent Internet Explorer flaw, experts warned on Thursday.

The Web sites take advantage of the vulnerability in Microsoft's Web browser to install a keystroke logger on vulnerable computers, according to security firm Websense.

"This keylogger monitors activity on various financial Web sites and uploads captured information back to the attacker," Websense said in an alert. The malicious software could capture log-in names and passwords for the sites, information criminals could sell or possibly use to plunder a victim's account.

The email messages used to lure people to the Web sites contain excerpts from BBC news stories and offer a link to read more, Websense said. This link leads to a forged BBC Web page where the malicious software is dropped onto a vulnerable PC by exploiting the createTextRange() vulnerability in IE, according to Websense's alert.

The vulnerability has to do with how Internet Explorer handles the createTextRange() tag in Web pages. Since the flaw was disclosed publicly last week, more than 200 Web sites have been found to exploit it. These sites typically install spyware, remote control software and Trojan horses on vulnerable PCs.

Microsoft has said it is working on a fix for the browser. That update is currently scheduled for delivery April 11, Microsoft's regular monthly patch day. However, the Redmond, Wash., company has said it's considering an earlier release.

Meanwhile, two security companies have beaten Microsoft to the punch. eEye Digital Security and Determina both released unofficial fixes for the IE flaw earlier this week. Experts, however, have warned users to be cautious with non-Microsoft fixes and instead suggest using a Web browser other than IE, or disabling Active Scripting, which is also Microsoft's advice.

  • Email
  • Trackback
  • Clip Link
  • Print friendlyPrint with EPSON

Did you find this article useful?
95 out of 184 people found this useful


In association with HP

Talkback

Post a comment


Full Talkback thread

0 comments

Related Links

More In Security threats


Company/Topic Alerts

Create a new alert from the list below:













Related BlackBerry Resources

Protecting the BlackBerry Device Platform Against Malware

BlackBerry Devices with Bluetooth - Security Overview

BlackBerry Enterprise Server IT Policy

BlackBerry Enterprise Solution - Security Technical Overview

BlackBerry Enterprise Solution and RSA SecurID

CIO's Guide to Mobile Security

See All White Papers

Video icon

Video

Sentry Posts Blog

Authentication risks all too human

Risks to successful online banking identification and authentication using smartcards involve a mixture of human and technological factors, according to the European Network and Information... More

1 comment

Opera censors Chinese content

Opera has updated the Chinese version of its mobile browser to stop users accessing restricted content. Opera Mini was updated on Friday from an international to a Chinese version,... More

2 comments

Symantec website breached

Security company Symantec has said that one of its websites was successfully breached. Romanian security researcher 'Unu' posted details of the breach in a blog post on Monday. Unu... More

Post a comment


Skip Sub Navigation Links to CNET Brand Links

Help

Become part of the ZDNet community.

ALL TOOLKITS

Blogs

Newsletters