A mysterious computer infection that had spread on the Internet, infecting users when they visited some popular websites and allowing hackers to steal sensitive data, has apparently been tracked down to a Russian website.
Unlike viruses that spread by e-mail, this infection was propagated simply by visiting an infected site, which could install a so-called trojan or keystroke logger that allowed hackers access to the PCs. Various security experts labeled the malicious program Scob, Download.Ject, Toofer or Webber.P.
The Russian website that spread the "malicious" Internet program has been shut down, software giant Microsoft said, adding that users of Internet Explorer are no longer at risk.
"Internet service providers and law enforcement, working together with Microsoft, identified the origination point of the attack in Russia and shut it down on Thursday," Microsoft said in a statement released late Saturday.
The Download.Ject program was not a virus or computer worm, Microsoft said, describing it as a "targeted manual attack by individuals or entities towards a specific server."
Unlike viruses that spread by e-mail, this infection was propagated simply by visiting an infected website, which can install a so-called trojan or keystroke logger that allows hackers access to the PCs, security experts said Friday.
Security experts warned that the program could be used to steal financial information and e-mail passwords.
The company, owned by billionaire founder Bill Gates, said the program "exploited a vulnerability in Internet Explorer to deliver malicious code to visitors of an affected Web site."
"Working with customers and partners worldwide, Microsoft is unaware of any widespread customer impact based on Download.Ject," said the company based in the northwestern state of Washington.
"The originating Web site of attack has been taken offline," Microsoft said.
"Internet Explorer customers are no longer at risk from that particular attack source as of Thursday evening."
Users of Microsoft's "IIS 5.0 Servers that have not been updated with security update MS04-011 are susceptible to this attack," the company said.
Microsoft recommended that customers go to www.microsoft.com/protect to shield their personal computers from infection.
Microsoft said it is working with authorities and other companies to "bring those responsible for this criminal act to justice."
From Yahoo Asia Tech news