First of all, I appreciate ALWIL Software and avast!
"kakaku.com", which is a Japanese web site comparing prices of computer hardware, software applications and many goods and accessories for computer users, was hacked and their contents were falsified to insert a trojan downloader.
May 11, 2005, the web manager of kakaku.com knew that their web was hacked, and he thought that it was a kind of cyber terrorism. After meeting with police, the web manager decided keeping to make the contents correct manually for some days to catch the hackers. IPA, police, security advisers... were watching the sites for 24 hours every day. May 14, however, the falsification rate was so high that the web site was closed. Their customers' e-mail addresses were leaked. They says the web site will be open again about 1 week later.
But this story hasn't yet got the end. After this news about kakaku.com, web managers are checking their web contents. As the results, we have known these trojans have been inserted into some other web sites which were already closed.
Two malwares were inserted there, a trojan downloader and a trojan program. Those misuses weakness of MS04-013. An AV vendor says this trojan steals your account and password of an MMORPG. An internet media says this trojan includes a key logger.
avast! detects this trojan as Win32:Trojano-1323 [Trj]. Thank you very much, ALWIL Team.
* IPA : Information-technology Promotion Agency, Japan
