Monday, February 11, 2008

Antivirus website of AvSoft caused Virus download

AvSoft Technologies, an antivirus developer based in India, had a unique problem recently when its web site started delivering a virus to its customers. The malware was first detected by security company AVG and reported by its CRO (chief research officer) Roger Thompson. The malware is part of the Virut family of viruses and hacks.

According to Thompson, the hackers used a vulnerability that can affect any server - an iFrame hack. By hacking an opening in an iFrame window in the server, the visiting customer can then be redirected to another server containing malware.

iFrames are a standard way to put content in place in a webpage. It is the ability to create an invisible iFrame window that makes them a tool of choice for new hackers. It’s hard to fight against what you can’t see, after all.

AvSoft is the developer behind SmartCOP an Smartdog antivirus software. It is virtually unknown in the United States, doing most of its business in Asia. The news would not have made headlines in the States, except that it illustrates a new threat to companies that have web servers - the invisible iFrame hack.

McAfee Security Research Manager Dave Marcus believes that the site was compromised by exploiting a Web programming error, most likely in the site’s SQL or PHP code. Security experts say that criminals have written automated programs that scour the Web for these types of flaws and then automatically infect sites, making this an increasingly common problem.

The code was first discovered in the downloads portion of the SmartCOP website. There is no comment from the company on the problem as yet, and no word on if the virus has been removed or not.

Source-Yahoo!News
Posted by at No comments:

Wednesday, February 6, 2008

How to Delete Trojan Horse

Since Trojan horses have a variety of forms, there is no single method to delete them. The simplest responses involve clearing the temporary internet files on a computer, or finding the file and deleting it manually. Normally, anti-virus software is able to detect and remove the trojan automatically. If the antivirus cannot find it, Rebooting the computer in Safemode (with or without networking) may allow an antivirus program to find a trojan and delete it.
Posted by at No comments:
Subscribe to: Posts (Atom)