Check Point Advisories

Update Protection against The WebAttacker Spyware

Check Point Reference: CPAI-2006-083
Date Published: 16 Jul 2006
Severity: Medium
Last Updated: Thursday 03 May, 2007
Source:  Sophos
Industry Reference:

 

Protection Provided by:
Who is Vulnerable?  Microsoft Windows clients
Vulnerability Description WebAttacker is a spyware kit sold on a Russian website for $15. The kit includes scripts designed to make simpler the task of infecting computers: the buyer spams out a message to email addresses inviting them to visit a compromised website. Once the user enters the compromised website, The website attempts to download the malicious code remotely onto the user's PC by taking advantage of known web browser and operating system vulnerabilities.

Update/Patch Avaliable 
Vulnerability DetailsThe Russian website makes the kits available for online purchase and offers technical support to its buyers. 
These kits explain how to lure users into visiting compromised websites. These sites contain JavaScript code that identifies the visiting computer?s browser version and operating system, including any installed patches, and launches the most appropriate exploit. The exploit downloads a program that attempts to turn off the firewall and install malware, generally a password stealer, keylogger or a banking Trojan.

Protection Overview

×
  Feedback
This website uses cookies for its functionality and for analytics and marketing purposes. By continuing to use this website, you agree to the use of cookies. For more information, please read our Cookies Notice.
OK