Symantec are warning web surfers of a new trend in spyware and adware infections – visitors to a number of corporate websites are getting a bit more than they bargained for.
It’s claimed that organised crime groups in Eastern Europe are hacking corporate sites and installing code that takes advantage of two flaws in Internet Explorer to install spyware and other unwanted applications on visitors’ PCs without their knowledge. Spyware can be used to harvest personal details about a computer owner such as bank details, whilst adware can be used to hijack browsers and display unwanted advertising to users.
Microsoft has not yet released a patch for the flaws, leaving millions of PCs open to infection. Although the browser flaw is well publicised, there is still some confusion surrounding how hackers are installing the script on web servers running Microsoft’s IIS service in the first place.
Without listing the companies responsible for spreading the infection, they state surprise that the unwitting culprits “include businesses that we presume would normally be keeping their sites fully patched.”
Free anti-spyware and anti-virus software:
A browser with less security holes in it: