MAC-NETHow toNetwork SecurityVirus ProtectionSpyware ProtectionDownloadReferenceContact
 

Do more with FirefoxNEW

What is a computer virus?

Alert: Computer Virus Outbreaks

AVG Alternative Update URL

AVG Anti-Virus 7 FE

AVG Anti-Virus 7.5

AVG Email Server Edition

AVG File Server Edition

How to - Avoid Getting Infected

How to - Disabling System Restore

How to - Put Windows in Safe Mode

MAC OS X Anti-Virus

Removal of Trojan

Removing File Locked by OS

Stop the virus Ping-Pong

The real thing !

Viruses: Email-borne

Viruses: On-line Scanners
Home » Virus Protection » Alert: Computer Virus Outbreaks » 

Scob Computer Virus

Also known as JS.Scob.Trojan, Download.Ject, and JS.Toofeer

Summary: JS.Scob.Trojan/JS/Exploit-DialogArg.b Trojan

JS.Scob.Trojan or Download.Ject is a simple Trojan that executes a JavaScript file from a remote server. The Trojan's dropper sets it as the document footer for all pages served by IIS Web sites on the infected computer. The presence of Kk32.dll or Surf.dat may indicate a client side infection.  Reports indicate that Web servers running Windows 2000 Server and IIS that have not applied update (KB835732), which was addressed by Microsoft Security Bulletin MS04-011, are possibly being compromised and being used to attempt to infect users of Internet Explorer with malicious code.

When Web surfers visited affected sites, their computers were subsequently infected through multiple vulnerabilities in Internet Explorer.  Once a Web surfer's system was attacked by the malicious JavaScript application, the surfer's computer was connected to a server located in Russia using the ADODB vulnerability. This occurs because the ADODB.Stream object allows access to the hard drive when hosted within Internet Explorer. 

Here is the ADODB vulnerability patch from MS Download.  The update to disable ADODB for Windows NT, Windows 2000, Windows XP, and Windows Server 2003.

JS.Scob.Trojan in the news:

Microsoft Corp. released instructions on how to close vulnerabilities that left users of its Internet Explorer browser open to attacks by hackers.  The security breach made it possible for users of Microsoft's ubiquitous Web browser to have their passwords and private account information stolen when they logged on to banking sites.  July 2004, USA.

The Scob virus records the passwords keyed into websites as users log on. New product is available that uses a two-factor authentication means that users never enter their password via the keyboard. Instead, a USB token or smart card containing all of their usernames and passwords is unlocked when the user enters the PIN.  July 2004, USA.

Microsoft Cutting Virus Combat Time - Computer security experts said a virus designed to steal financial data and passwords from Web users rippled across the Internet on Friday, exploiting a vulnerability in servers using Microsoft's IIS software. Known as the "Scob" outbreak, the attack has been termed more dangerous than the recent "Sasser" and "Blaster" infections. "We will guarantee that the average time to fix will continue to come down," said Gates, the software giant's chairman, who was in Australia for a charity launch. June 2004, Sydney, Australia.

SCOB Virus Strikes - A new computer virus named Scob has been unleashed, to steal valuable information like passwords or banks' data.  June 2004, Novinite, Bulgaria.

WEB Virus Might Steal Financial Data - An unusual Web virus that was spread to user computers through infected Web site servers might be a Trojan capable of sending financial information back to the author.  June 2004, NY, USA.



 

commentPost your comment 
Mail this pageMail this page

MAC-NET Secures IT | internet toolkit

© 2004-2008. All Rights Reserved.