Malware Pulls an “Italian Job”

This is a pretty crazy article, and the indication that 80% of the sites were at the same large italian hosting provider. Well it looks like some script kiddies did something more than just ./obb target. Imagine having access to half or a quarter of an ISP’s machines, for dDoS, spam and phishing.  Malware Pulls an "Italian Job" – A number of readers sent us word about a malware attack that has been underway since Saturday that began with the compromise of more than 1,100 mostly Italian Web sites. Websense claims that more than 10,000 sites have been infected by now, 80% of them in Italy. There are indications that most of the Italian sites are resident at the same large Italian hosting provider. Trend Micro reports on the attack, which is launched from a malicious Iframe tag inserted into pages on compromised sites. For visitors to these sites, this begins a cascade of "drive-by" malware downloads if one of several targeted vulnerabilities is available and unpatched. The first page to which visitors are redirected by the Iframe hosts a recent version of Mpack attack software. Panda has a month-old report on Mpack (PDF) that provides copious detail about its nefarious ways. Read more of this story at Slashdot.

This is a pretty crazy article, and the indication that 80% of the sites were at the same large italian hosting provider. Well it looks like some script kiddies did something more than just ./obb target. Imagine having access to half or a quarter of an ISP’s machines, for dDoS, spam and phishing. 

Malware Pulls an "Italian Job"A number of readers sent us word about a malware attack that has been underway since Saturday that began with the compromise of more than 1,100 mostly Italian Web sites. Websense claims that more than 10,000 sites have been infected by now, 80% of them in Italy. There are indications that most of the Italian sites are resident at the same large Italian hosting provider. Trend Micro reports on the attack, which is launched from a malicious Iframe tag inserted into pages on compromised sites. For visitors to these sites, this begins a cascade of "drive-by" malware downloads if one of several targeted vulnerabilities is available and unpatched. The first page to which visitors are redirected by the Iframe hosts a recent version of Mpack attack software. Panda has a month-old report on Mpack (PDF) that provides copious detail about its nefarious ways.

Read more of this story at Slashdot.

0 Shares:
You May Also Like

Screenshot Tour: Customize Windows XP with TweakUI

LifeHacker Has a walk through of how to customize Microsoft Windows XP with Tweak UI, with included screen shots.
Customize Windows XP with TweakUI - One of the best tools for fine-tuning Windows XP is the free TweakUI PowerToy utility from Microsoft. TweakUI digs deep into Windows' settings and can customize its behavior dozens of ways, from how many icons appear on the Alt-Tab dialog to Explorer context menu choices to what your program shortcuts look like. TweakUI's been around forever and we've mentioned it here and there throughout the years at Lifehacker, but it's high time we gave it the full walk-through it deserves. After the jump, take a gander at 15 useful adjustments you can make to your XP system with TweakUI.

Mobile Chat When Will it Work?

If you've had an iPhone since the launch of Apples Application Store, then you most likely have bought the app Mobile Chat. I mean who wouldn't, just looking at their features http://mobilech.at/features you'd be silly not to pick the only instant messenger on the iPhone. Granted there are Web App versions, but nothing application wise. Here are some of the features.
MobileChat supports the following protocols: * AIM/ICQ/.Mac/MobileME * Windows Live/MSN * Yahoo Messenger * GTalk * Jabber/XMPP Multiple Accounts