Stealth Program Hijacks PCs to Send Porn Ads

Discussion in 'malware problems & news' started by Smokey, Jul 11, 2003.

Thread Status:
Not open for further replies.
  1. Smokey

    Smokey Registered Member

    Joined:
    Apr 1, 2002
    Posts:
    1,513
    Location:
    Annie's Pub
    Close to 2,000 Windows-based PCs with high-speed Internet connections have been hijacked by a stealth program and are being used to send ads for pornography, computer security experts said on Friday.
    It is unknown exactly how the so-called "Trojan" program is spreading to victim computers around the world, whose owners most likely have no idea what is happening, said Richard M. Smith, a security consultant in Boston.

    Security provider Network Associates Inc. rated the trojan a low risk since it did not appear to be more widespread and was not harming the victim computers.

    Trojan programs are typically spread via e-mail viruses and can also sneak onto computers through Web browsers when surfing, he said.

    The trojan, dubbed "Migmaf" for "migrant Mafia," turns the victim computer into a proxy server which serves as a sort of middle man between people clicking on porn e-mail spam or Web site links, according to Smith.

    It allows the victim computer to fetch porn Web ads from an undisclosed server and pass the ads on to other computers either through an e-mail spam or a Web browser.

    The victim computer acts as a "front" to the porn Web site, enabling the porn Web servers to hide their location, Smith said.

    The scam also is believed to be responsible for a PayPal scam discovered last week designed to collect credit card information from people who filled in a form they received via e-mail purporting to be from Web payment provider PayPal, Smith said.

    Smith said he suspects whoever is responsible for the Migmaf scam may be in Russia because some e-mail addresses involved in the scheme go back to Russian servers and there are other Russian language references in some domain names that are involved.

    Broadband Internet users should always use firewalls to block such stealth activity, he said.

    Computers with updated anti-virus software will also be protected, said Lisa Smith, a product manager for Network Associate's McAfee consumer division.

    In addition, there is software designed to specifically block trojan-type programs.

    Source: Reuters, San Francisco
     
Loading...
Thread Status:
Not open for further replies.