Over the last few weeks, we are seeing a bunch of malware infected workstations, more than normal. What is happening is the user is seeing a pop up when they are browsing on the Internet. The pop up indicates that the machine is infected and offers to run a cleanup function. The problem is that the pop up itself is malware. If the user clicks anywhere in the window that is popped up the machine is compromised. Even if they click the X to close the window.
This is being caused by websites that have been compromised. The user goes to what should be a valid website and gets infected because some malicious code has been injected into the web pages on the site without the site owners knowing. There have been reports that over 100,000 websites have been infected.
If the user sees a pop up that indicates that there workstation is or may be infected and the message is not a NOD32 (or whatever antivirus they are using) message, they should not click anywhere in the pop up or click the X to close the pop up window. Their best bet is simply to close any other open applications (not the pop up) and shut down or restart the computer. Once the computer restarts they should be OK.
No comments:
Post a Comment