John, As you wrote, JS.Seeker-x is not a virus family but a Trojan family.
So, it is not self-propagating and that is intentionally that it is added on the html' pages of many sites (actually, more and more often). Until now, what it does is not very dangerous : just some links that are added to the favorite folder and the MS-IE startup page that is changed WITHOUT your agreement. I uppercase "without" because if a script prompt you before adding favorites or modifying the startup page it must not be considered as a Trojan. So I'm not sure that the guys who add these scripts on their sites really figure what they are doing. Anyway, I've written "until now", because this family, which includes JS.Exception.Exploit, JS.Clid.Gen, JS.Offensive and some others, is a good entry point for more dangerous scripts to be written. I'm anxious to see that the number of trojans that belong to this family are increasing along weeks. To reply to your question, I'm not aware of a place to report the web sites that propagate this kind of malware. If such a place exist, you can asap report at least 75 % of the porn sites : most of them use JS.Seeker or JS.Eception.Exploit to increase their traffic... Regards. Jean-Luc Cavey National AntiVirus Specialist 75014 Paris, France E-Mail : [EMAIL PROTECTED] ICQ/UIN : 122785712 ================================ La presence de ce texte prouve que ce message electronique a ete verifie par un logiciel anti-virus � jour au moment de l'envoi. The presence of this text proves that this e-mail has been verified by an up-to-date anti-virus software at the time of the sending. ================================ ----- Original Message ----- From: "VanMeter, John" <[EMAIL PROTECTED]> To: "Incidents (E-mail)" <[EMAIL PROTECTED]>; "SECURITY-BASICS (E-mail)" <[EMAIL PROTECTED]> Sent: Tuesday, February 12, 2002 3:27 PM Subject: Malicious web sites > I had a user that was exposed to the JSCript/Seeker.e.Trojan after visiting > a web site. The user wasn't infected since the browser and anti-virus > software is up to date with patches and updates. > > But what I would like to ask is. > > Does anyone know of a place were you can report web sites that are > propagating viruses? You can go to emailabuse.org to report the use of > electronic mail to advertise unethically, harass, annoy, or cause harm to > the email recipient. > > John van Meter > ----------------------- > Worrying is like rocking in a rocking chair -- It gives you something to do, > but it doesn't get you anywhere. > > > > -------------------------------------------------------------------------- -- > This list is provided by the SecurityFocus ARIS analyzer service. > For more information on this free incident handling, management > and tracking system please see: http://aris.securityfocus.com > > >
