brighton rock
New member
Home PCs suffer porn hijack
Spammers could be borrowing your computer
If your home computer is a Windows PC with a broadband link it might be acting as a middleman for pornographers advertising their wares.
Security experts are warning about a malicious program that helps pornographers hide their tracks by hijacking home PCs to work on their behalf.
Once hijacked by the program, called Migmaf, a hijacked PC becomes a surrogate server funnelling the requests of people clicking on porn sites or spam e-mails to other sites.
So far the Migmaf program has snared few victims but security firms say home PC users should be vigilant and ensure they are adequately protected.
One of the victims of the hijack, Matt Hardiman, only noticed something was wrong after some time.
"I set up my computer to enable a friend of mine to download a recording of his daughter and I forgot about it," he told the BBC.
"I came back to the computer two weeks later and everything was running incredibly slowly.
"I had a closer look and found that it was running slowly because about 40 people were uploading and downloading pornography off my computer which I was unaware of," he said.
Trojan trap
The Migmaf trojan, which only hits Windows PCs, was discovered by independent security consultant Richard M. Smith when he was investigating a fake site that tried to con users of the PayPal net payments system.
The trojan runs in the background, so except for increased activity on the net or hard drive activity, you wouldn't even notice this going on
Richard Smith, computer security expert
Mr Smith found that the sites directing users to the fake site changed every few minutes.
Further investigation revealed that many of the PCs acting as middlemen were insecure home PCs sitting on fast net connections.
Such computers are eagerly sought by spammers, computer vandals and virus makers because the fast net link means they tend to stay online a long time, can pass data back and forth quickly and many possess minimal security.
When being used as a middleman, the PC passes on the requests for images or information triggered by people clicking on pornographic websites or addresses in spam e-mail messages.
The PC passes the request on to another computer in the chain or to the pornographers and spammers themselves. It also passes data back to the person who clicked on the website or e-mail in the first place.
Mr Smith said many of the people being used as a middleman may not know that Migmaf was present on their machine. He estimates that about 2,000 people have been infected by the trojan.
"The trojan runs in the background, so except for increased activity on the net or hard drive activity, you wouldn't even notice this going on," he told the BBC.
So far it is not clear how PCs contract Migmaf. Mr Smith speculated that it could have be installed by a virus or a booby-trapped webpage.
Security firms such as Symantec and Network Associates said Migmaf was a low risk because the risk of being infected was low and the trojan did no damage to its host.
To protect themselves, home users with a broadband link are recommended to use a firewall and ensure that their anti-virus software is up to date.
Spammers could be borrowing your computer
If your home computer is a Windows PC with a broadband link it might be acting as a middleman for pornographers advertising their wares.
Security experts are warning about a malicious program that helps pornographers hide their tracks by hijacking home PCs to work on their behalf.
Once hijacked by the program, called Migmaf, a hijacked PC becomes a surrogate server funnelling the requests of people clicking on porn sites or spam e-mails to other sites.
So far the Migmaf program has snared few victims but security firms say home PC users should be vigilant and ensure they are adequately protected.
One of the victims of the hijack, Matt Hardiman, only noticed something was wrong after some time.
"I set up my computer to enable a friend of mine to download a recording of his daughter and I forgot about it," he told the BBC.
"I came back to the computer two weeks later and everything was running incredibly slowly.
"I had a closer look and found that it was running slowly because about 40 people were uploading and downloading pornography off my computer which I was unaware of," he said.
Trojan trap
The Migmaf trojan, which only hits Windows PCs, was discovered by independent security consultant Richard M. Smith when he was investigating a fake site that tried to con users of the PayPal net payments system.
The trojan runs in the background, so except for increased activity on the net or hard drive activity, you wouldn't even notice this going on
Richard Smith, computer security expert
Mr Smith found that the sites directing users to the fake site changed every few minutes.
Further investigation revealed that many of the PCs acting as middlemen were insecure home PCs sitting on fast net connections.
Such computers are eagerly sought by spammers, computer vandals and virus makers because the fast net link means they tend to stay online a long time, can pass data back and forth quickly and many possess minimal security.
When being used as a middleman, the PC passes on the requests for images or information triggered by people clicking on pornographic websites or addresses in spam e-mail messages.
The PC passes the request on to another computer in the chain or to the pornographers and spammers themselves. It also passes data back to the person who clicked on the website or e-mail in the first place.
Mr Smith said many of the people being used as a middleman may not know that Migmaf was present on their machine. He estimates that about 2,000 people have been infected by the trojan.
"The trojan runs in the background, so except for increased activity on the net or hard drive activity, you wouldn't even notice this going on," he told the BBC.
So far it is not clear how PCs contract Migmaf. Mr Smith speculated that it could have be installed by a virus or a booby-trapped webpage.
Security firms such as Symantec and Network Associates said Migmaf was a low risk because the risk of being infected was low and the trojan did no damage to its host.
To protect themselves, home users with a broadband link are recommended to use a firewall and ensure that their anti-virus software is up to date.
