Malware Pulls an “Italian Job”

This is a pretty crazy article, and the indication that 80% of the sites were at the same large italian hosting provider. Well it looks like some script kiddies did something more than just ./obb target. Imagine having access to half or a quarter of an ISP’s machines, for dDoS, spam and phishing.  Malware Pulls an "Italian Job" – A number of readers sent us word about a malware attack that has been underway since Saturday that began with the compromise of more than 1,100 mostly Italian Web sites. Websense claims that more than 10,000 sites have been infected by now, 80% of them in Italy. There are indications that most of the Italian sites are resident at the same large Italian hosting provider. Trend Micro reports on the attack, which is launched from a malicious Iframe tag inserted into pages on compromised sites. For visitors to these sites, this begins a cascade of "drive-by" malware downloads if one of several targeted vulnerabilities is available and unpatched. The first page to which visitors are redirected by the Iframe hosts a recent version of Mpack attack software. Panda has a month-old report on Mpack (PDF) that provides copious detail about its nefarious ways. Read more of this story at Slashdot.

This is a pretty crazy article, and the indication that 80% of the sites were at the same large italian hosting provider. Well it looks like some script kiddies did something more than just ./obb target. Imagine having access to half or a quarter of an ISP’s machines, for dDoS, spam and phishing. 

Malware Pulls an "Italian Job"A number of readers sent us word about a malware attack that has been underway since Saturday that began with the compromise of more than 1,100 mostly Italian Web sites. Websense claims that more than 10,000 sites have been infected by now, 80% of them in Italy. There are indications that most of the Italian sites are resident at the same large Italian hosting provider. Trend Micro reports on the attack, which is launched from a malicious Iframe tag inserted into pages on compromised sites. For visitors to these sites, this begins a cascade of "drive-by" malware downloads if one of several targeted vulnerabilities is available and unpatched. The first page to which visitors are redirected by the Iframe hosts a recent version of Mpack attack software. Panda has a month-old report on Mpack (PDF) that provides copious detail about its nefarious ways.

Read more of this story at Slashdot.


Did you like this article?


0 Shares:
You May Also Like

Microsoft Office Roundtable reviewed

Microsoft Office Roundtable reviewed -

Filed under:

The good people over at TMCnet want to keep you covered with their lengthy review of Redmond's five-camera foray into the teleconferencing game, which, as part of Microsoft's Unified Communications Platform, will probably be seeing a lot of action this year. And what are their feelings? Well, they get stoked on its resemblance to the ships in the 1953 version of War of the Worlds, dig the "head-size spatial equalization" (which makes everyone's head the same size, seriously), and think that maybe $3000 is a fair price. The only thing they weren't quite as excited about was the inability to use the panoramic features with non-Ballmerware, but even that appears to be a minor complaint. Still not sure you need one for your startup? Maybe you'd better read the whole thing.

 

Read | Permalink | Email this | Comments


Office Depot Featured Gadget: Xbox 360 Platinum System Packs the power to bring games to life!

[EnGadget]
Read More

Comcast fires employees for talking about P2P filtering

It looks as though Comcast has fired a few employees for talking out of script.
In the wake of the discovery that Comcast is blocking some peer-to-peer traffic (and even blocking some Lotus Notes e-mails), the company is attempting to keep the PR machine well-oiled by giving customer tech support reps some talking points. And if they deviate from the script and admit that Comcast has been using Sandvine to send forged TCP reset packets, they're likely to lose their jobs.
Read More

Hard times for hard drives: US may ban popular imports

This could be a damaging blow to quite a few companies within the United States. For instance, take a dedicated server hosting company that relies on one of many hardware vendors like Dell or HP (Hewlett-Packard). Its possible that said vendor will have stock pile of hard drives. Put lets put this into perspective. If you read the entire article you will see a similar situation that ended with Broadcom filing a complaint against Qualcomm. The International Trade Commission banned Qualcomm from shipping any new chips and hardware into the United Sates, and any chips that were already being shipped to the United States could continue. The ban lasted for 45 days, until an appeal by Qualcomm was successful and then the ban was lifted.
Read More