If individuals visited the WSU homepage, www.wsu.edu, on Friday, May 20th between 3:30-5:00 pm during a recent attack on the web page there is a possibility that malware may have been downloaded to their computer system.
There are reports of at least two varieties of attack; both Exploit:Win32/Pdfjsc.PE and Rogue:Win32/FakeRean have been detected.
More information on either malware can be found at the following links:
http://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=Exploit%3AWin32%2FPdfjsc.PE
http://blogs.technet.com/b/mmpc/archive/2010/03/09/win32-fakerean-is-33-rogues-in-1.aspx
Rogue:Win32/FakeRean is a sophisticated virus that can appear under different names by various anti-virus software vendors.
Any system that connected to www.wsu.edu during this timeframe should be reviewed and cleansed with an up-to-date anti-virus software product. While initial scanning with anti-virus software and another malware detector such as MalwareBytes should be completed, there is a possibility that an infected computer system may need to be rebuilt from a known good copy.
For questions please contact your departmental IT support staff or the Help Desk at 509-335-HELP (4357) or helpdesk@wsu.edu.