June 1, 2006 3:36 PM PDT

Circuit City warns of online forum attack

Part of the Circuit City Web site was hacked and used in an attempt to install malicious code on PCs of unknowing visitors, the electronics retailer said Thursday.

Cybercrooks were able to break in and modify a home theater message board on Circuit City's Web site, said Bill Cimino, a spokesman for Circuit City of Richmond, Va. Over an approximately two-week period, visitors to the board were subsequently sent to a site in Russia that attempted to install a "backdoor" on their PCs that gives the attackers remote access, he said.

Got views on Vista?

Circuit City was made aware of the attack on Thursday by the SANS Internet Storm Center, Cimino said. The company took down the message board, operated by a third party, and is in the process of notifying the 1,000 or so registered users of the online forum, he said.

"At this point we think approximately 200 users visited the site while the exploit was active," Cimino said. Those people are registered users of the message board. Circuit City has no data on people who visited the site without being registered, he said.

On Friday, Circuit City said that after further investigation, it now believes the security breach occurred on May 30. This would mean the site was only dangerous for about two days, as opposed to the two-week period initially reported. During those two days, about 80 registered users visited the infected forum, Circuit City said in a statement.

The attack affects only those people who visited the Circuit City message board on home theaters. The main Circuit City Web site was not compromised, Cimino said. Furthermore, only those forum visitors who used unpatched versions of Microsoft's Internet Explorer Web browser could be victimized, he said.

The attackers used a pair of security flaws. They first broke into the forum Web site by exploiting a bug in the Invision Power Services software that runs it, Cimino said. Then they attempted to install backdoor software onto the PCs of visitors who used a version of IE without Microsoft's January security patches installed, he said.

The Circuit City home theater forum is reached by going to the main Circuit City Web site, clicking on to Home Theater Headquarters and then hitting the "Discuss" option. The site will be back online once the third party that operates it has installed the latest patches for the message board software, Cimino said.

Circuit City recommends that its site visitors check whether they have the latest Microsoft patches installed. The company is considering offering registered forum users a free or discounted PC checkup through its partner PlumChoice.

See more CNET content tagged:
Circuit City Stores Inc., message board, visitor, malicious code, attack

2 comments

Join the conversation!
Add your comment
That's what they get
Invision Power Board is a known piece of crap that you can hack.
Posted by Jeff Putz (302 comments )
Reply Link Flag
LOL, this article mentions the circuit city, which is related with Circuit card assembly? I really couldn't follow with you.
Posted by lqyromeo (1 comment )
Reply Link Flag
 

Join the conversation

Add your comment

The posting of advertisements, profanity, or personal attacks is prohibited. Click here to review our Terms of Use.

What's Hot

Discussions

Shared

RSS Feeds

Add headlines from CNET News to your homepage or feedreader.