Malware Pulls an "Italian Job"

A number of readers sent us word about a malware attack that has been underway since Saturday that began with the compromise of more than 1,100 mostly Italian Web sites. Websense claims that more than 10,000 sites have been infected by now, 80% of them in Italy. There are indications that most of the Italian sites are resident at the same large Italian hosting provider. Trend Micro reports on the attack, which is launched from a malicious Iframe tag inserted into pages on compromised sites. For visitors to these sites, this begins a cascade of "drive-by" malware downloads if one of several targeted vulnerabilities is available and unpatched. The first page to which visitors are redirected by the Iframe hosts a recent version of Mpack attack software. Panda has a month-old report on Mpack (PDF) that provides copious detail about its nefarious ways.

Re:Why do they never come right out and say...

[MadUndergrad]

Speaking of looking like a douche, it's "viruses". I'll say it again, "viruses". Not virii.

Queso scan

[ozmanjusri]

A queso scan identified the machines used to compromise the servers as Mac Minis...

Mafia spam?

[Tablizer]

As a sign of this, I just got a spam that insisted I purchase a lower mortgage, along with a photo of a horse head.

Re:Why do they never come right out and say...

Let's just hope that Apache never becomes dominant in the server section so the same doesn't happen to it.

After the title...

[Comboman]

...I was hoping for a story about a malware attack that involved the use of Michael Caine and numerous Minis.

Re: Viruses/Viri/Virii

But I agree with you, virii is both bad English and bad Latin.

Here, here! Whomever reads slashdot, their things like this that effect how your percieved. Its rediculous, to!