The yet-unnamed virus, which emerged on or before June 24, is spreading through the web at a rapid pace infecting hundreds and thousands of computers, although its intentions are still not fully know, according to experts.
One theory is that the virus is designed to steal credit card information and other personal identification information. And like most of the major viruses of this year, it takes advantage of flaws in the Microsoft platform, only two of which have a patch available. Macintosh users are once again exempt from infection.
The virus is presently at a low-risk rating by most security firms, but the concern is that the code will be made available to other malicious hackers who will develop other, possibly more destructive, variants.
The SANS Internet Storm Center believes the attack generates from a Russian spam ring with the resources and skill to wage such a grand-scale attack on the cyber community.
According to Symantec, the virus targets the Microsoft Internet Information Server so that when web surfers access an infected website, the JavaScript delivered by the site instructs the user's browser to download an executable from a Russian website and install it. The virus then provides access to keystroke loggers, proxy servers and other back doors on the infected computer.
The user remains entirely unaware that their system is under attack. There are no links that require clicking through or downloading. Merely visiting the infected website starts the viral process in motion, says SANS.
Microsoft is recommending that computer owners obtain the latest security updates for Microsoft products and their anti-virus and firewall programs, although according to reports, there is conflicting information on whether there is a patch available for the third flaw that the virus exploits.
Microsoft has also advised customers to increase their browser security to the highest settings.
Security experts and the Homeland Security Department are currently studying the virus to determine how it spreads across websites and where it originated.
"Users should be aware that any website, even those that may be trusted by the user, may be affected by this activity and thus contain potentially malicious code," the U.S. Government warned in an alert.
