Hacked website damaged PCs in Japan
- 22 August, 2001 22:00
- Malicious JavaScript downloaded from a hacked auction website caused Japanese internet users serious problems over the weekend, the Japanese government's Information-technology Promotion Agency (IPA) reported Tuesday.
The auction site Price Loto, run by Mediagate, was hacked. The attack started on Saturday morning and continued until Monday afternoon when Mediagate temporarily closed the site, according to Takashi Endo, the president of the company. The site is now back in service.
Users who visited the Price Loto site using Microsoft's Internet Explorer 4.x and 5.x, automatically downloaded malicious JavaScript that was programmed to alter the software configuration of their PCs. Users of affected PCs experienced difficulties opening up new applications, changing set-ups and closing down the operating system, the IPA report said.
After shutting down the machine by force and restarting it, a message would appear in English, saying "If you have any trouble please email:findlu@21cn.com. note:not for japanese&dog&pig," and users would either lose all of the icons on the desktop, be unable to open any file, or be unable to shut down Windows again.
The auction site has 40,000 page views and 10,000 unique users per day, Endo says.
The IPA has received damage reports from several dozen users within the last three days, which it considers to be a large amount as it normally receives about 300 reports per month, says Shigeru Nakamura, a spokesman for the agency.
The agency is warning about the possibility of similar attacks on other websites and describing measures to prevent such attacks on its website. The attack can be prevented by blocking the browser's security hole, or by disabling JavaScript, the IPA says.