There has been a report of a new way to hack Internet users’ systems and steal information from victims such as passwords, account numbers, etc. called the Nine Ball Attack. Believed to have infected already over 40,000 legitimate websites, it works by infecting a website which then redirects victims to sites owned by the attacker. The malicious site then downloads Trojans with keylogger components onto the victim’s computer and can log keystrokes. Nine Ball uses the following multi-level attack method: 1. Victim visits legitimate infected site. 2. Victim is redirected to one of a number of malicious sites owned by attacker. 3. The malicious site attempts to download malware to user’s computer through a number of vulnerabilities in common applications including MDAC, AOL SuperBuddy, Adobe Reader, and QuickTime exploits. 4. The malware is generally a keystroke logger which is then used to steal information from the victim. Users and administrators are encouraged to take the