Malicious JavaScript downloaded from a hacked auction Web site caused Japanese Internet users serious problems over the weekend, the Japanese government’s Information-technology Promotion Agency (IPA) reported Tuesday.
The auction site Price Loto, run by Mediagate Corp., was hacked. The attack started on Saturday morning and continued until Monday afternoon when Mediagate temporarily closed the site, according to Takashi Endo, the president of the company. The site is now back in service.
Users who visited the Price Loto site using Microsoft Corp.’s Internet Explorer 4.x and 5.x, automatically downloaded malicious JavaScript that was programmed to alter the software configuration of their PCs. Users of affected PCs experienced difficulties opening up new applications, changing set-ups and closing down the operating system, the IPA report said.
After shutting down the machine by force and restarting it, a message would appear in English, saying “If you have any trouble please email:findlu@21cn.com. note:not for japanese&dog&pig,” and users would either lose all of the icons on the desktop, be unable to open any file, or be unable to shut down Windows again.
The auction site has 40,000 page views and 10,000 unique users per day, Endo said.
The IPA has received damage reports from several dozen users within the last three days, which it considers to be a large amount as it normally receives about 300 reports per month, said Shigeru Nakamura, a spokesman for the agency.
The agency is warning about the possibility of similar attacks on other Web sites and describing measures to prevent such attacks on its Web site. The attack can be prevented by blocking the browser’s security hole, or by disabling JavaScript, the IPA said.
http://www.ipa.go.jp/
.