Craftier Trojan Invades 10,000 Web Sites, Stumps Security Pros
More than 10,000 Web sites in the U.S. alone were infected by the latest type of malware attack during the month of December. The attack, dubbed "random js toolkit," is an extremely elusive Trojan that infects a computer user's machine, sending personal data over the Internet to the criminal mastermind. Stolen data can include documents, passwords, surfing habits and any other sensitive information that may be of interest to criminals.
The "random js toolkit" is a Javascript code that is created dynamically and provides a random filename that can only be accessed once. As a consequence, it changes every time it is accessed. The dynamic embedding, known as "code obfuscation," is done in such a selective manner that once a user has received a page with the embedded malicious code, it will not be referenced again during future visits.
February 2008