A Year Ago: Softseek infect users with Netbus Trojan

"Windows security program" WinSec carries the well-known back door Trojan, Net Bus 170 W95.

The owner of a Web site carrying a potentially dangerous Trojan program claims he is the innocent victim of a Web site hijacker.

Internet security Web site, PCHelp, Thursday evening issued a security alert accusing popular download site Softseek.com of infecting the computers of users with Trojan horse program, NetBus, leaving them vulnerable to remote attack.

Within the alert, PCHelp alleges that "Windows security program" WinSec, supposed to enable administrators to restrict user access to different Windows features, carries the well-known back door Trojan, Net Bus 170 W95.

The latest version of Norton Anti-Virus confirms this, automatically alerting a user to the presence of Net Bus when download is initiated.

But Rick Halter, who runs the Xoom site where the Trojan lives, claims the whole incident is not his fault. "I am very aware of this, and I am trying to remedy the problem," he says. "It seems as if someone got the password to access my Xoom account and changed some files."

European product manager for Network Associates Anti-Virus, Jack Clark lays the blame squarely at the door of both Softseek and Xoom. "I don't know how this could of happened, obviously they're not using up-to-date anti-virus software. Some anti-virus software doesn't even bother to check for this sort of thing and maybe they're using that. It just goes to show the importance of anti-virus software for anyone even considering e-commerce."

Win Sec has been available from the Softseek since June 14, and PCHelp claims that warnings communicated to Softseek about the problem have been ignored.

Softseek and Xoom were unavailable for comment.

To have your say online click on the TalkBack button and go to the ZDNet News forum.

Let the editors know what you think in the Mailroom. And read what others have said.