Yesterday, South Korea antivirus software company AhnLab announced that most of the South Korean website infected with the theft of game account malicious code, and such code can be spread through the network to other computers. Related malicious code is propagated through "yahoo.js" malignant scripts. When a computer user logs on to a Web site infected with a "yahoo.js" script, the script will implant the "S.exe" file into the user's computer through a Windows system vulnerability. The "S.exe" file runs automatically, generating a file "Xcvaver0.dll" with Keyboard Records (Keylog) features in the C:/windows/system32 folder. At this point, computer users in the login game, the account information will be leaked to the outlaws. and the keyboard recording function is suitable for most famous games in South Korea. In addition, the relevant malicious code can be spread over the network to other computers, such as companies or Internet cafes, such as the use of the same network, as long as there is a computer recruit, all other computers will also be infected. AhnLab said: "There are countless Korean sites that infect the associated malicious code, so we can't tag all the sites." For security reasons, all computer users need to update antivirus software to the latest version and make security updates to resolve Windows system vulnerabilities. ”
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.
