How SpyAxe and WinHound infect victim computers

Despite the fact that SpyAxe and WinHound have already threw thousands of people into a panic, a little was known about the means how these dangerous trojans infect user computers. According to the recent research of Websense, security software company, and own information, both SpyAxe and WinHound get into victim computers by exploiting several Microsoft Internet Explorer vulnerabilities discovered in May and late November, but still unfixed. Thousands of malicious web sites plant those parasites into each visitor’s system. All it takes to get infected is to visit an insecure site with Internet Explorer running on Windows 98, Me, 2000 or XP (even with Service Pack 2). The victim will not notice anything suspicious, as exploits do not require any user interaction. Websense also provides an example demonstrating what happens when a fully-patched Windows XP workstation visits a malicious web site – it gets immediately infected. The desktop wallpaper gets changed with a fake alert and a corrupt spyware remover gets downloaded and launched. It doesn’t matter whether an antivirus or a firewall is installed to the system, since such software often is unable to prevent malware installation through Internet Explorer vulnerabilities. How SpyAxe and WinHound infect victim computers

Linked by shanmuga Monday, 12th December 2005 12:24AM