A cross-platform Internet super-hacker script is threatening the security of online data.
The threat was spotted by the FBI and US Defense departments. Now, the official Internet emergency response team - the CERT Coordination Centre of Carnegie Mellon University - is co-ordinating the response.
The threat comes from scraps of computer code called “cross-site scripting”. It is
hidden within links to popular sites and can be emailed or published online.
The code can alter information displayed on a Web browser, such as account details or stock values. The code can also catch and transmit cookies, meaning hackers can access a victim's cookie profile and pose as that user on another site.
The CERT team has warned that consumers can do nothing that will guarantee complete protection from the virus.
CERT is now calling for a co-ordinated effort from Web designers to contain the danger. It advises Internet users not to click on Web links from untrusted sources, including spam email and discussion group messages.
Experts also suggest that Web users should prevent browsers from launching scripts, though this solution is not always practical, as many sites require scripts in order to operate.
Microsoft has revealed that it will publish full details and recommendations for consumers on the security area of its Web site.