Technology news and Jobs 
Information Technology News Italian Job web attack spreads to other nations
Information Technology News Italian Job web attack spreads to other nations | Italian Job web attack spreads to other nations |
|
| by Stephen Withers | |
| Tuesday, 19 June 2007 | |
|
Late last week, Symantec reported "a large-scale web attack going on in Italy" using a malicious IFRAME to redirect traffic to a domain which employs the Mpack kit to exploit vulnerable systems. The affected sites come from a wide variety of segments, including tourism, local government and IT. According to Trend Micro, "most have been known to be relatively safe and legitimate prior to this incident." Trend described the process in more detail. It seems that a cascade of malware is employed to install a proxy server and a keylogger. According to security vendors, at least one part of the process is browser aware in that the malware detects which browser it is running on in order to select an appropriate vulnerability for Internet Explorer, Firefox, Opera and even QuickTime. These bugs have already been eradicated by developers, so properly maintained PCs should not be at risk. In any case, current desktop and gateway security software blocks most, if not all, of the attacks. However, Trend warns that one of the downloaders used in the process can easily be updated by the perpetrators to deliver additional capabilities. Symantec's theory is that a vulnerability or configuration issue at a hosting provider may account for the number of compromised sites. Trend went a step further, noting that "most of these sites are hosted on one of the largest Web hoster/provider in Italy."{moscomment}
Get stories like this delivered daily - FREE - subscribe now
|
Tags
| < Next story in category | Previous story in the category > |
|---|
