February 23, 2009, 9:44 AM — A Trojan horse lurking on servers belonging to Auctiva.com, a Web site offering eBay auction tools, infected people's PCs last week.
The problem became very public when Google's malware warning system kicked in as people tried to browse the site, saying Auctiva was infected with malware. Google will display an interstitial page warning people of certain Web sites known to contain malware.
"It appears the reason these virus alert warnings started showing up on our site is because some of our machines were injected with malware originating in China," according to a post on Auctiva's community forum. "The malware we believe to be at fault has also hit a number of other high-profile websites over the past six months."
It appears that the malware targeted Microsoft's Internet Explorer browser. Auctiva recommended using Firefox, as that browser is "less susceptible to this sort of malware than Internet Explorer."
"Found eight trojans on my system that seemed to have snuck through my on-access protection, or maybe because, like a fool, I clicked 'ignore the warning' to get to Auctiva's front page," wrote one user on Auctiva's forum.
If Google displays a warning about a dangerous Web site, it still gives people the option of browsing to the site. Auctiva said it was working with Google to ensure the warning is not displayed now that it has cleaned up its servers.
However, people who browsed Auctiva between Thursday and Saturday afternoon until 2 p.m. Pacific time should ensure their machines are not infected. Auctiva recommends clearing the browser cache and deleting all temporary files. Also, Windows PCs should be up to date on patches, and antivirus software should be used, Auctiva said.
