Watch out! Incoming mass hack attack

Our servers have been hit hard today and until microsoft launch an urgent update the problems are set to increase.

Please take this seriously as at this time no-one is sure how computers are being infected apart from through certain javascripts that download onto your computer without your knowledge. The payload includes keyboard logging (credit card details for example!), proxy servers and other back doors providing full access to the infected system. The javascript uses a so far unpatched vulnerability in MSIE to download and execute the code. No warning will be displayed. The user does not have to click on any links. Just visiting an infected site will trigger the exploit.

If you visited an affected page, and your BROWSER is compromised:

* You may see a warning about a javascript error. But it depends on how the attack code interfers with other javascript on the respective page, and many users disable these javascript warnings.
* Disconnect the system from the network as soon as possible.
* run a thorough virus check with up to date virus definitions. Many AV vendors released new definitions as recently as last night.
* If you are able to monitor traffic to the infected host, you may see attempts to contact 217.107.218.147 on port 80.
We do not have any evidence of any other target IPs being involved at this point. However, as this ip is no longer reachable, attackers may plant scripts that point to other IPs in the future
* AV software will detect the javascript as 'JS.Scob.Trojan'.

Now the serious part

They recommend that you use a browser other than ie until Microsoft patches this latest in a very long line of bugs.

For a large list of other browsers Click here or if you take my recommendation use Opera.

More details can be found here