Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Major Internet Attack Under Way: Page 2 of 5

It's not clear if the latest Internet Explorer patches are able to protect users' systems from becoming infected. Internet security firm Symantec's DeepSight Threat Alert says IE users are being infected through a known, but still unpatched, Internet Explorer flaw.

Syamantec's BugTraq ID for the flaws are 10472 and 10473. More information about these flaws are available at http://www.securityfocus.com/bid/10472 and http://www.securityfocus.com/bid/10473 .

Security experts have been studying the attack and are unclear about the motive behind it. Some say the attacks can be traced to a Russian Web IP address of known spammers; others say the attack is designed to steal consumers' financial information.

Daniel J. Frasnelli, manager of the technical assistance center for managed security services provider NetSec, says it started monitoring the attack activity early Thursday and immediately notified its security customers.

NetSec wouldn't disclose the names of the E-commerce sites under attack, citing legal fears, but Frasnelli said infected sites include a major auction site, an auto-pricing site, and search-engine sites. "We all know these sites," he says.