Hackers have used rogue banner ads to dupe users to Web sites that place malicious code of a MyDoom variant onto personal computers, according to the SANS Institute Internet Storm Center.
"The Storm Center received a report of a high-profile U.K. Web site that contains a pointer on their main page to another URL hosting the Bofra/IFRAME exploit," ISC director Marcus Sachs said in a widely-disseminated message. "We have confirmed that if this site is visited using Internet Explorer, the exploit will be downloaded."
This worm is said to use a package of attack methods from spam to virus infections to Trojan horse programs and was discovered a mere five days after the iFrame vulnerability found in Microsoft Internet Explorer was discovered and confirmed.
Several European Web sites have been hit through the unpatched iFrame exploit, according to several security reports. Microsoft criticized independent researchers who discovered the vulnerability because they didn't advise Microsoft before publishing their findings, but neither has Microsoft released an iFrame patch through this writing.
"Please exercise caution when using Microsoft's Internet Explorer, since this issue has no current patch," Sachs said in his message. "The Storm Center recommends using an alternative browser when visiting sites other than those you absolutely trust."
