Malware Pulls an “Italian Job”

This is a pretty crazy article, given the indication that 80% of the sites were at the same large Italian hosting provider. Well, it looks like some script kiddies did something more than just ./obb target. Imagine having access to half or a quarter of an ISP’s machines, for DDoS, spam and phishing.

Malware Pulls an "Italian Job" - A number of readers sent us word about a malware attack that has been underway since Saturday that began with the compromise of more than 1,100 mostly Italian Web sites. Websense claims that more than 10,000 sites have been infected by now, 80% of them in Italy. There are indications that most of the Italian sites are resident at the same large Italian hosting provider. Trend Micro reports on the attack, which is launched from a malicious Iframe tag inserted into pages on compromised sites. For visitors to these sites, this begins a cascade of "drive-by" malware downloads if one of several targeted vulnerabilities is available and unpatched. The first page to which visitors are redirected by the Iframe hosts a recent version of Mpack attack software. Panda has a month-old report on Mpack (PDF) that provides copious detail about its nefarious ways.

Read more of this story at Slashdot.
