Advanced Search
Business | Metro | Nation | World | Sports | Features | Specials | Delta Stories
 
 
New virus able to pilfer passwords and sell stock
6/12/2004 13:12

At least 10 people who engage in online stock transactions have had their accounts manipulated by a password-stealing computer virus that's now spreading across China.
Warnings about the Trojan-horse virus were issued yesterday by China Beijing Jiangmin Science Technology Co Ltd, a cyber security firm.
Authorities said illegal transactions have affected accounts at China's major brokerages: Guotai Junan Securities Co Ltd, Southern Securities Co Ltd, China Securities Co and Industrial Securities Co.
The virus exploits a vulnerability in Microsoft's Internet Explorer, installing itself on the computers of people who visit the Website www.shoufang.com. The name of the site is almost identical to that of a well-known Chinese real estate market portal, www.soufang.com.
Surfers who search the word "stock" on Baidu.com, one of the top Chinese search engines, are also directed to the problem site.
"The virus author paid a lot to get a good position on Baidu's search result page for stocks," said He Gongdao, Jiangmin's research and development general manager.
Once it has infected a computer, the virus automatically records the keystrokes people use when visiting stock-related Websites. It then sends that information, which can include user names and passwords, to the virus author by e-mail.
By accessing a victim's account, the virus writer can sell stock to himself a bargain prices, He said.
Most of the victims so far live in Zhejiang Province and in Wuhan City in Hubei Province. There was no word on their losses.ew virus able to pilfer passwords and sell stock


At least 10 people who engage in online stock transactions have had their accounts manipulated by a password-stealing computer virus that's now spreading across China.
Warnings about the Trojan-horse virus were issued yesterday by China Beijing Jiangmin Science Technology Co Ltd, a cyber security firm.
Authorities said illegal transactions have affected accounts at China's major brokerages: Guotai Junan Securities Co Ltd, Southern Securities Co Ltd, China Securities Co and Industrial Securities Co.
The virus exploits a vulnerability in Microsoft's Internet Explorer, installing itself on the computers of people who visit the Website www.shoufang.com. The name of the site is almost identical to that of a well-known Chinese real estate market portal, www.soufang.com.
Surfers who search the word "stock" on Baidu.com, one of the top Chinese search engines, are also directed to the problem site.
"The virus author paid a lot to get a good position on Baidu's search result page for stocks," said He Gongdao, Jiangmin's research and development general manager.
Once it has infected a computer, the virus automatically records the keystrokes people use when visiting stock-related Websites. It then sends that information, which can include user names and passwords, to the virus author by e-mail.
By accessing a victim's account, the virus writer can sell stock to himself a bargain prices, He said.
Most of the victims so far live in Zhejiang Province and in Wuhan City in Hubei Province. There was no word on their losses.