Samsung Electronics' U.S. Web site is hosting a Trojan horse that logs keystrokes, disables antivirus applications and steals online banking access codes, according to Internet security company Websense. "Currently, there is no exploit code on the Web site that attempts to trigger a download of the file without user interaction," Websense said in an alert this week. "The site is hosting and most likely distributing files to users who are lured through instant messaging or e-mail links."
Joel Camissar, Australian country manager for Websense, told ZDNet Australia that Samsung has been informed about the issue but has not yet removed the offending files. "As of (Friday morning Sydney time), the malicious code on the Web site was still active," he said. According to Websense's alert, the site "has been hosting a number of directories and files which, when downloaded and run, install malicious code on end-users' machines. The server appears to have been compromised and has been hosting a variety of files for some time."