Glaswegian

An unpatched bug in Adobe Systems' Flash Player software is being exploited by online criminals, Symantec has reported.

"We've seen a new, previously undisclosed vulnerability in Flash that is actually being exploited in the wild," said Oliver Friedrichs, a director with Symantec Security Response.

The attacks are relatively widespread, too, according to McAfee. Criminals have hacked into about 220,000 web pages and added scripts to these pages that redirect victims to one of at least 57 web servers that actually serve up the attack code. Once a computer has been compromised, the attackers try to install several malicious programs, such as remote-control botnet software and programs designed to steal World of Warcraft usernames and passwords.

The attack servers were not always live Monday, popping on and off the Internet all day, said McAfee security research manager David Marcus.

The hacked sites that redirect victims to the attack servers include the web pages for small towns, businesses or non-profit organisations, Marcus said. They were probably hacked with an automated tool that used Google to search for pages vulnerable to certain types of web attacks, he said.


http://www.techworld.com/security/ne...&NewsID=101610

__________________
Iain - Defender of the Haggis and all things Scottish.
I don't help by PM - post in the Forums.



Ad-Aware::SpywareBlaster::SpyBot::SpywareGuard::SnoopFree::AVG Free::HOSTS File::HijackThis::Donate::5 Steps For Infected PCs