Malware Pulls an “Italian Job”

  • June 18, 2007
  • 1 minute read
This is a pretty crazy article, and the indication that 80% of the sites were at the same large italian hosting provider. Well it looks like some script kiddies did something more than just ./obb target. Imagine having access to half or a quarter of an ISP’s machines, for dDoS, spam and phishing.  Malware Pulls an "Italian Job" – A number of readers sent us word about a malware attack that has been underway since Saturday that began with the compromise of more than 1,100 mostly Italian Web sites. Websense claims that more than 10,000 sites have been infected by now, 80% of them in Italy. There are indications that most of the Italian sites are resident at the same large Italian hosting provider. Trend Micro reports on the attack, which is launched from a malicious Iframe tag inserted into pages on compromised sites. For visitors to these sites, this begins a cascade of "drive-by" malware downloads if one of several targeted vulnerabilities is available and unpatched. The first page to which visitors are redirected by the Iframe hosts a recent version of Mpack attack software. Panda has a month-old report on Mpack (PDF) that provides copious detail about its nefarious ways. Read more of this story at Slashdot.

This is a pretty crazy article, and the indication that 80% of the sites were at the same large italian hosting provider. Well it looks like some script kiddies did something more than just ./obb target. Imagine having access to half or a quarter of an ISP’s machines, for dDoS, spam and phishing. 

Malware Pulls an "Italian Job"A number of readers sent us word about a malware attack that has been underway since Saturday that began with the compromise of more than 1,100 mostly Italian Web sites. Websense claims that more than 10,000 sites have been infected by now, 80% of them in Italy. There are indications that most of the Italian sites are resident at the same large Italian hosting provider. Trend Micro reports on the attack, which is launched from a malicious Iframe tag inserted into pages on compromised sites. For visitors to these sites, this begins a cascade of "drive-by" malware downloads if one of several targeted vulnerabilities is available and unpatched. The first page to which visitors are redirected by the Iframe hosts a recent version of Mpack attack software. Panda has a month-old report on Mpack (PDF) that provides copious detail about its nefarious ways.

Read more of this story at Slashdot.


Did you like this article?


0 Shares:
Share 0
Tweet 0
Share 0
Share 0
— Previous article

Iran.com sold for $400,000

Next article —

AMD considering getting out of fabrication business

You May Also Like

What happened to Apple Customer Service?

  • by
  • October 16, 2007
A nice little article about how Apples growth is affecting its customers, is Apple short changing all of its loyal customers, fans and newly won over customers by looking more for profit rather than customer satisfaction?
Read More

Screenshot Tour: Customize Windows XP with TweakUI

  • by
  • October 11, 2007
LifeHacker Has a walk through of how to customize Microsoft Windows XP with Tweak UI, with included screen shots.
Customize Windows XP with TweakUI - One of the best tools for fine-tuning Windows XP is the free TweakUI PowerToy utility from Microsoft. TweakUI digs deep into Windows' settings and can customize its behavior dozens of ways, from how many icons appear on the Alt-Tab dialog to Explorer context menu choices to what your program shortcuts look like. TweakUI's been around forever and we've mentioned it here and there throughout the years at Lifehacker, but it's high time we gave it the full walk-through it deserves. After the jump, take a gander at 15 useful adjustments you can make to your XP system with TweakUI.
Read More
UUncategorized

QuickPwn Release Allows Fast Jailbreak Of iPhone Firmware Update 2.0.2

That's right, hot off the blog presses QuickPwn has been updated by the iphone-dev.org team and now allows you to Jailbreak your iPhones 2.0.2 firmware. The new 2.0.2 firmware that was released on Monday supposedly fixes some "bugs", however the bugs aren't mentioned anywhere.
Here is the updated QuickPwn for Windows, wrapped by Poorlad’s GUI. It contains our new bundles for 2.0.2 and we’ve added support for version 2.0 devices which means you can QuickPwn and jailbreak the device if it is running 2.0, 2.0.1 or 2.0.2. Remember this is still beta software, so usual rules apply, no complaints ifanything goes wrong and use the tool at at your own risk! Download here! SHA1 = 8e1ed2ce9e7e473d38a9dc7824a384a9ac34d7d0

Read the full article at blog.iphone-dev.org
Download the new QuickPwn 1.2.0 with the new 2.0.2 bundle.

Thanks for another successful Jailbreak!
Read More

Comcast Blocks Some Internet Traffic

  • by
  • October 22, 2007
If you're a Comcast Customer, then you should be concerned with what they're doing to your internet connection. Why? Because Comcast is filtering your internet traffic, this article goes in-depth into what exactly is being filtered and tests that prove it is occurring. On one hand it looks like Comcast is trying to keep its network from being stressed with file sharing, on the other it looks like they might not just be filtering file sharing protocols.
Read More
UUncategorized

Extremely Manual iPhone Firmware 2.1 Jailbreak for 3G Released by XPWN

There is a very manual tutorial up at xpwn.co.uk on how to Jailbreak your iPhone with the 2.1 firmware:
T14:19 http://xpwn.co.uk/2.1JBtut.txt 14:19 2.1 3g jailbreak tutorial 14:22 geeb: has it been tested? 14:22 comm 14:22 yes by me 14:22 and others in #xpwn are running it now
The following are the instructions
Download the 2.1 firmware <--http://appldnld.apple.com.edgesuite.net/content.info.apple.com/iPhone/061-5198.20080909.K3294/iPhone1,2_2.1_5F136_Restore.ipsw
Read More