New Feebs Variant Identified by Aladdin CSRT Includes Elaborate eBay Fraud Attempt
February 02 2006 - 4:34PM
PR Newswire (US)
CHICAGO, Feb. 2 /PRNewswire-FirstCall/ -- Aladdin Knowledge Systems
(NASDAQ:ALDN), the worldwide leader in Software Digital Rights
Management (SW DRM) and USB-based authentication solutions, and a
leading innovator in enterprise secure content management, today
announced that its Aladdin eSafe Content Security Response Team
(CSRT) has identified a new variant of the Feebs Trojan that
includes a dangerous new fraud attempt. Aladdin identifies the new
variant of JS.Feebs. (Logo:
http://www.newscom.com/cgi-bin/prnh/20040416/CGALADDINLOGO ) Barely
a month in, 2006 has already been dubbed "The Year of Phishing."
According to numerous reports, this year we are likely to see a
sharp increase in phishing attacks. The evidence of this imminent
threat is already apparent, with new phishing Web sites popping up
every day. One of the latest additions to this growing epidemic is
Aladdin's discovery of a new JS.Feebs variant. When executed, the
new JS.Feebs variant usually displays a fake loading screen that
looks like various popular search engines. This is followed by a
false error message stating that there was no available connection.
The scripts do this to mask their own activities which sometimes
include disabling the system's antivirus and other security-related
products as well as executing other malicious code. JS.Feebs
usually arrives by email, but it could also exist in Web sites that
would infect visitors upon access. Elaborate New Fraud Attempt This
new JS.Feebs variant also initiates an elaborate fraud attack
similar to phishing. Unlike "classic" phishing, no phishing email
or a link to be clicked exists. Rather, certain network settings of
the infected machine are modified in such a way that when surfing
to sites such as eBay (the popular online auctions Web site), using
any browser, clicking on an eBay link on the Web, or even accessing
it from the Favorites shortcut, the victim is invisibly forwarded
to a spoofed eBay site. All this time, the eBay Web address appears
normally. This happens even if the user accesses the site days or
even weeks after the original infection took place. Although the
propagation of this new variant may be slow, its infection impact
is high, as it steals personal information pertaining to regularly
used sites. The script modifies the HOSTS file found on the target
PC. This file, when modified, can override the default DNS servers,
thus allowing the user's Internet browser to receive one address
and lead to another. JS.Feebs, in this case, redirects all attempts
to enter eBay to its own, seemingly identical page. When a user
attempts to follow any links or enter a search in the appropriate
field, the script will ask for his username and password. When
personal information is entered, the user will be taken to the
actual eBay Web site, completely unaware that the sensitive
information just entered was, in fact, stolen. With this
information a hacker can order goods for free, and let the infected
user pay the price. "We see this new fraud attempt as an
illustration of the growing presence of dangerous phishing scams,"
said Shimon Gruper, vice president of technologies for the Aladdin
eSafe Business Unit. "Although Web attacks are more difficult to
measure than email-related attacks, we expect this JS.Feebs variant
to have a significant impact for infected users, as their browser
no longer indicates they are visiting a phishing site. Thus, users
are even more likely to provide their personal data, which then
lands in the wrong hands." Aladdin eSafe users are completely
immune to this attack since yesterday. Others may identify this
same threat as the "Qhost" variant. For more information, visit
http://www.aladdin.com/home/csrt/index.asp . About Aladdin Aladdin
Knowledge Systems Ltd. is a global provider of security solutions
that reduce software theft, authenticate network users and protect
against unwanted Internet and e-mail content, including spam,
viruses and spyware. Its security products are organized into two
segments: Software Digital Rights Management (DRM) and Enterprise
Security. Aladdin's Software DRM products allow software publishers
to protect their intellectual property and increase revenues by
reducing losses from software theft and piracy. Its Enterprise
Security solutions enable organizations to secure their information
technology assets by controlling who has access to their networks
(authentication) and what content their users can utilize (content
security). Visit the Aladdin Web site at http://www.aladdin.com/ .
Aladdin Knowledge Systems and the Aladdin logo are trademarks or
registered trademarks of Aladdin Knowledge Systems, Ltd. All other
product and brand names mentioned in this document are trademarks
or registered trademarks of their respective owners. Press Contact:
Investor Relations Contact: Matthew Zintel Mark Jones Zintel Public
Relations Global Consulting Group 310.574.8888 646.284.9414 First
Call Analyst: FCMN Contact:
http://www.newscom.com/cgi-bin/prnh/20040416/CGALADDINLOGO
http://photoarchive.ap.org/ DATASOURCE: Aladdin Knowledge Systems
CONTACT: Press, Matthew Zintel of Zintel Public Relations,
+1-310-574-8888, ; or Investor Relations, Mark Jones of Global
Consulting Group, +1-646-284-9414, Web site:
http://www.ealaddin.com/
Copyright
Aladdin Knowledge Systems Ltd (MM) (NASDAQ:ALDN)
Historical Stock Chart
From Sep 2024 to Oct 2024
Aladdin Knowledge Systems Ltd (MM) (NASDAQ:ALDN)
Historical Stock Chart
From Oct 2023 to Oct 2024