A Trojan horse program installed through malicious pop-up windows can capture normally encrypted financial information from victims’ computers, security researchers warned on Tuesday.
is that unusual about IE? It always had these problems
There is simply no excuse today for using that pathetic browser called IE. cern has issued suggestions about using alternative browsers wherever applicable.
to use another browser
CERT already issued an advisory saying that users should switch to something other than IE.
I wonder when MS will start doing something about these problems. The only good sign I have seen is the initialization of work on a better IE. Maybe that thing will be better. Until then I shall be using Firefox.
Go FireFox! 0.9.1 was released today too.
It is really time to move my dad over to firefox I guess.. Too bad he didn’t buy a mac 🙂
Switch:
http://www.mozilla.org/products/firefox/
Ignacio
Yeah! Firefox!
Is there no amount of damage that can be done using the POS browser that Microsoft can never be held responsible for? I genuinely hope that SP2 does what it’s supposed to do for the sake of those who still use IE.
I use Firefox for all my web surfing at home (currently version 0.9) and while doing some surfing over the weekend; mainly bittorrent and news sites, I had my Anti-Virus pop up saying ByteVerify trojan had been detected. In the end I had 8 .class files it quarantined and identified as the ByteVerify trojan. I looked it up on the Symantec site and it’s identified as one that allows an attacker to run arbitrary code. Looks like even Firefox is vulnerable to some stuff on a Windows machine.
“Looks like even Firefox is vulnerable to some stuff on a Windows machine.”
Are you reasonably sure that the browser was the reason for this trojan infection? It seems to be highly unlikely.
Next update to internet explorer will come with longhorn in 2006. Why wait?
My machine resides behind a DSL router and a Zone Alarm Pro firewall, with no unnecessary services having access to the internet. I was surfing with Firefox and got the warning. Why does it seem unlikely?
it seems to be highly unlikely
Also, this link when opened in Firefox bypasses the built in pop-up blocking http://lm.pleaseeat.us/ (warning: don’t open at work, pr0n; it bypassed back when I first was pointed to it, they may have fixed in the newer release). So, people are figuring out how to do stuff.
It’s a pity that we can’t remove IE completely. Until one removes it completely, I can’t trust him when he says that his Firefox is as worse as his IE, sorry.
BIG sorry.
I don’t understand why OEMs are still shipping computers with IE configured as the default browser. I guess they care more about upsetting Microsoft than about protecting their customers. And don’t talk about compatibility crap. The vast majority of sites render just fine in alternate browsers. Would a few sites become unavailable? Sure. But what would consumers rather experience: a bit of a compatibility nuisance or getting robbed blind and having their personal financial data scattered to the winds?
Anonymous stated:
“Go FireFox! 0.9.1 was released today too .”
No it wasn’t. I saw it yesterday
But you’re right about one thing…go FireFox!!!
I also experienced same stuff but with version 0.8. Antivirus popped in saying possible trojan (something with x/application java bla bla). At first I thought JVM is the fault, but I have it now as well and for a while nothing happened. I’m running 0.9. I think I will scrap my last Windows box in the house. Or buy a Mac when I’ll have the money.
“I use Firefox for all my web surfing at home (currently version 0.9) and while doing some surfing over the weekend; mainly bittorrent and news sites, I had my Anti-Virus pop up saying ByteVerify trojan had been detected. In the end I had 8 .class files it quarantined and identified as the ByteVerify trojan. I looked it up on the Symantec site and it’s identified as one that allows an attacker to run arbitrary code. Looks like even Firefox is vulnerable to some stuff on a Windows machine.”
Actually that is not the fault of FireFox but Java itself.
If you are worried about it, just disable Java in FireFox (not sure that IE can do that – I did stop using IE over 2 years ago due to the security and crappy standards support).
Actually that is not the fault of FireFox but Java itself.
Then I apologize for blaming Firefox. Like I said in my original post I use it for all my web browsing at home. The only time I fire up IE is to visit Windows Update.
The Java trojan that folks like Justin Sane are referring to are not the fault of any web browser, but are actually the result of the Java virtual machine which has nothing to do with a web browser itself.
I know the trojan you speak of. I have seen it happen (the same trojan) on both IE and FireFox. This is not a browser weakness at all.
I know in FireFox that it is really easy to shut off Java support – thus getting rid of the problem – just go to “Tools>Options>Web Features” and then uncheck “Enable Java”
IE can do the same but it is a little more buried. “Tools>Internet Options>Advanced Tab” and then uncheck the Java virtual machine options that appear (there are often several). That will take Java off-line.
“Then I apologize for blaming Firefox. Like I said in my original post I use it for all my web browsing at home. The only time I fire up IE is to visit Windows Update.”
No problem…it is an easily confused issue.
I hear what you are saying about the “Windows Update” thing. That is the only time I use it as well.
I think firefox is best browser. I have been using it since 0.6 days and it’s my main browser. It’s very good even in its pre 1.0 release compared to IE which is at 6.0. How come microsoft still integrate their browser with their OS? I really do not understand its need and it’s a pity that anti trust laws can not do anything about it.
“I think firefox is best browser”
Absolutely agree.
” How come microsoft still integrate their browser with their OS?”
Microsoft claims that by integrating the browser into the OS they can improve security. What crap. The more integrated IE becomes, the more security issues seem to rise. Longhorn is supposed to integrate IE even more…I for one will not go anywhere near longhorn when it is released. I’ll wait and see for a while and see if a bunch of security bulletins get posted (which they probably will).
There is no need to actually integrate a browser with the OS. MS just does it to maintain dominance.
I am happy to say that I have been cured of the IE disease for over two years now…I’ve been a FireFox (plus the various other names it had before that) the whole time.
I actually find that FireFox is a much more capable browser than IE any day of the week (and any site).
I do not like IE, and I am mainly using Mozilla. However, sometimes, I have to upload some simple doc on the FTP server by IE (Win). Well, the reason is very simple, that IE is each Win system. At least for this point, no other browser can do it.
I never update my Windows, instead I remove IE a.s.a.p. with every new Windows version. Never ran into problems.
Apart from accessing IE only pages I never touch it and most of the people I know have switched to one of the tabbed browsers. Opera, Firefox and other browsers all have their own advantages and disadvantages, but one thing they have in common is that they’re all much better than IE.
Firefox is good, for being free, but it’s no Opera. That said, even links is better than IE. Right now I happen to be using Firefox because it’s free and I don’t want to buy Opera.
I take it that this is a problem with the Microsoft JVM, not the Sun one?
“Firefox is good, for being free, but it’s no Opera. ”
You haven’t expanded. What exactly is missing in firefox that the target segment for firefox requires?
Why the Microsoft version, of course. It does not affect the Sun JVM.
Check out the Symantec site and read up on it.
If you can’t agree with Justin then keep your opinion to yourself. As later found out in these posts, it was due to Java, and both IE and FireFox are equally vulnerable to that. You can turn Java off in firefox as well as IE but that would suck for both..so now you know…problems can happen with FireFox too.
I think the biggest problem with windows is the “Administrator” syndrome. Everyone run as admin and this had been the reason for most viruses. If people learn to run as a limited user most of the time…i am sure they will sure have less viruses (though virus like blaster will still be there…but they are rare).
people start trolling…the limited user facility only works fine on XP onwards so yes previous OSes are vulnerable and its better to use FireFox or other browser on them.
Well this is not surprising. I can see a few M$ fanboys trolling already stating that IE is not the fault of M$ or it can infect other browsers too. Java or not/excuses or not it is IE and Windows that seem to go through this every couple of days.
No amount of excuses or lies will really change anything. So why bother. In the real world it’s obvious what the problem is.
And no its not the endusersbadhardwaresoftware’s fault.
I would like to be able to turn off java, javascript, certain javascript features and plugins on a per-site basis just like images and cookies because turning them off completely is too extreme. And I miss the menu options for image,cookie,etc managers to make it easy to block the site you’re at
“I would like to be able to turn off java, javascript, certain javascript features and plugins on a per-site basis just like images and cookies because turning them off completely is too extreme. And I miss the menu options for image,cookie,etc managers to make it easy to block the site you’re at”
look inside updates.mozilla.org. install the tab extension and you get all you want
Ok, sorry.
But I’m particularly waiting the next generation of almost bug-free operating system of Microsoft. I’m sure that once it’s released, many crackers and hackers will have to change profession, because 90% of the Internet will be too safe for them to crack into.
Do you think like that, too?
” hackers will have to change profession”
Hackers are not people who break into machines. Don’t fall into the mass media trap. Hackers are just smart developers.
At work…
If only corporate America would allow mozilla or opera.
phbs will say they need to keep ie the only browser in the corp because it is needed for compatibility and users are too stupid to switch between moz and ie if they are going to a lawson site or going to hotmail to open virus laden spam.
This attitude keeps me gainfully employed.
But in real life…
I have just converted 10 people to use mozilla 1.7 over ie with the last round of spyware from coolwebsearch and the js.scob.trojan virus infestations they have had at home. I _never_ get infections via web… I use mozilla on linux and windows.
Maybe I will start having weekends where I don’t get stupid ignorant calls about their boxen being overrun with popups and stuff, and “can you come over a look at it”, and instead will get calls about going over for a movie and pizza.
Eugenia, thanks again for this most interesting website!
Thank you for clarifying that. Always learning something, as they say.
As long as you use a Pop-up blocker such as the Google or MSN Toolbar, you are ok. Users of XP SP2 RC2 and even Longhorn are ok. The advisory also says ” While the latest program is installed on Windows computers using a known vulnerability, the helper file hack exploits a feature, not a flaw, and could work with most major browsers, Sachs said.” Just because you use FireFox or Mozilla/Netscape or even Opera does not mean you are safe. Use your pop-up blockers.
“Just because you use FireFox or Mozilla/Netscape or even Opera does not mean you are safe. Use your pop-up blockers”
misleading comment. you are not safe with IE not even with sp2. stop spreading false information.
Great. Firefox, yes. If only it starts a tidbit faster!!
I have tab extensions and while i was able to nuke flash or javascript from a particular website, when I returned to the site again there was no “memory”. I figured how to do it. Every bookmark can be configured in the bookmark manager through properties and then tab settings.
Does Microsoft figure all these IE exploits into their supposed lower TCO for Windows?
Follow this link:
http://isc.sans.org/presentations/banking_malware.pdf
and you will see this:
<< The file is not a graphic file at all. It is actually a 27648 byte Win32 executable that has been compressed using the Open Source executable compressor UPX. This file decompresses to an 81920 byte file which contains two Win32 executables bound together. The first portion of the file (and what actually runs if the file extension is changed and the program is launched) is a “file dropper” Trojan, designed to install any executable concatenated to its body. The second half of the file consists of a Win32 DLL that is installed by the file dropper under WindowsXP as a randomly named .dll file under C:\WINDOWS\System32. This DLL is installed as a “Browser Helper Object” (BHO) under Internet Explorer. >>
There is some JavaScript but I don’t see where the JVM comes into play. What am I missing?
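The excerpt quoted in the comment above describes a file that carries a graphic-file name but is really a UPX-compressed Win32 executable. The following check flags that mismatch; it is an added example, not part of the thread or of the SANS report, and the file names, the `triage` and `build_sample_pe` helpers and the sample bytes are constructed for illustration (the `UPX0`/`UPX1` section names are UPX's defaults and can be renamed, so that part is only a heuristic).

```python
import os
import struct

IMAGE_EXTS = {".gif", ".jpg", ".jpeg", ".png", ".bmp"}

def pe_section_names(data):
    """Return the PE section names, or None if data is not a PE image."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return None
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)  # offset of "PE\0\0"
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0" or len(data) < e_lfanew + 24:
        return None
    (nsect,) = struct.unpack_from("<H", data, e_lfanew + 6)
    (opt_size,) = struct.unpack_from("<H", data, e_lfanew + 20)
    table = e_lfanew + 24 + opt_size  # section table follows the optional header
    names = []
    for i in range(nsect):
        raw = data[table + 40 * i: table + 40 * i + 8]
        if len(raw) < 8:
            break  # truncated section table
        names.append(raw.rstrip(b"\0").decode("ascii", "replace"))
    return names

def triage(filename, data):
    """List findings for one file: content type versus claimed extension."""
    ext = os.path.splitext(filename)[1].lower()
    sections = pe_section_names(data)
    findings = []
    if sections is not None and ext in IMAGE_EXTS:
        findings.append("executable-with-image-extension")
    if sections and any(name.startswith("UPX") for name in sections):
        findings.append("upx-packed")
    return findings

def build_sample_pe(section_names):
    """Constructed test input: headers only, no code, not a runnable program."""
    dos = b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40)
    coff = struct.pack("<HHIIIHH", 0x14C, len(section_names), 0, 0, 0, 0, 0x0102)
    table = b"".join(n.encode("ascii").ljust(8, b"\0") + b"\0" * 32
                     for n in section_names)
    return dos + b"PE\0\0" + coff + table

if __name__ == "__main__":
    print(triage("picture.gif", build_sample_pe(["UPX0", "UPX1"])))
    print(triage("picture.gif", b"GIF89a" + b"\0" * 64))
```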
hmm actually this thing doesn’t seem to work reliably. Firefox needs managers for plugins, javascript etc
CAN-2003-0111
Description
The ByteCode Verifier component of Microsoft Virtual Machine (VM) build 5.0.3809 and earlier, as used in Windows and Internet Explorer, allows remote attackers to bypass security checks and execute arbitrary code via a malicious Java applet, aka “Flaw in Microsoft VM Could Enable System Compromise.”
There is a way to remove ie and some junk in Windows..
try this link http://www.litepc.com …
The author used to give information for free. But thought he could cash in on it…
Anyway this is one of the lawsuit cases against M$. to not integrate the browser., and something about anti-competitiveness.. hard to remember when exactly… The author pointed out that it could be done and The OS(win9x’s at that time) is still functional… IMHO i’ve tried it once and the OS run perfectly but broke many apps (e.g. IM’s, Dreamweaver, Norton AV etc.) … The author back then provided workarounds to some apps. Don’t know about now though…
But the Point still given is that we (enduser) should have a choice., whether the enduser is computer literate or not., not to shove it down our throats (not even MAC, SUN, OSS,Zealots)…
Well on another subject., average people (semi-comp-literate-users)just use M$ for their ease of use(useability,), user-friendliness(dumbing-down).. and most importantly popularity(not to mention their ignorance)…
But even though if people are ignorant (and seem to deserve these virrri/trojan attacks), they still make a large portion of webusers clients, and they are the ones that makes such malicious attacks propagate and multiply…. a headache for WebAdmins, Helpdesk reps., and tech support guys …
For a billion $$$ co.,M$ really should have to step it up years ago… They should not let people be exploited like this…
The promised security oriented SP2 must be able to address these problems.. Maybe not all, but, at least they should be quick to address new arousing problems…
…Even though i know how to protect my self from such threats… other people aren’t. people you cared about.. being ripped off and violated on the net.,(your dad,mom,neighbor,friends,wifes,girlfriends,pet cat)..
Until M$ comes up with some kind of miracle cure… People should wisen up and learn to use another system… This should put more pressure to M$ if they see that their sales are falling…. All in all, i think people should get the value of their hard earned money… (Kudos to Mr. Torvalds)
Hmmm, whats the problem the M or $. If you can’t join em bash em. Right.
done! dumping IE asap downloading firefox 0.9.1 will install it. thanks all the firefox fans
After the recent news, two of my friends finally switched to Opera.
What if they (MS) were to make IE a service? Then we could turn off that particular service.
That might be the way to go for those that complain that IE is too tightly integrated and can’t be stopped. Services can be turned on and off, disabled, and all sorts of things.
Normally I’m in MS’ camp, but tying IE into the OS is a mistake I tried to tell them about … you can see how well my rant was taken.
Why isn’t anyone defending IE? Is there a defense?
Will anyone step and be an intelligent voice of reason against the anti-IE rhetoric? Can’t there be a reason to still use it in spite of the issues? Please, give me any reason to keep using it.
I have seen MSN Explorer users have to use it.
Windows Update needs it.
MS Gaming Zone needs it.
Web-based Lawson needs it.
“I have seen MSN Explorer users have to use it.
Windows Update needs it.
MS Gaming Zone needs it.
Web-based Lawson needs it.
”
the only reason is vendor lock in. basically MS tactics at work. there is absolutely no defense
OK. Vendor Lock In.
How can we get corporations to not allow vendor lock in by M$ or any other provider of products or services?
It will be practically impossible.
“It will be practically impossible.”
use cross platform open standards. dump IE. use firefox. dump proprietary protocols. use tcp/ip,ftp and nfs. make sure you have a way to migrate data. use cross platform software as much as possible.