Malware Pulls an "Italian Job"

A number of readers sent us word about a malware attack that has been underway since Saturday that began with the compromise of more than 1,100 mostly Italian Web sites. Websense claims that more than 10,000 sites have been infected by now, 80% of them in Italy. There are indications that most of the Italian sites are resident at the same large Italian hosting provider. Trend Micro reports on the attack, which is launched from a malicious Iframe tag inserted into pages on compromised sites. For visitors to these sites, this begins a cascade of "drive-by" malware downloads if one of several targeted vulnerabilities is available and unpatched. The first page to which visitors are redirected by the Iframe hosts a recent version of Mpack attack software. Panda has a month-old report on Mpack (PDF) that provides copious detail about its nefarious ways.

Re:Why do they never come right out and say...

"The day your favorite OS dominates the market, it'll be pwned, don't you worry."

If market share is any indication to being pwned; then why isn't Apache attacked more that IIS? According to Netcraft Apache has 53.76% of the market compared to MS: 31.83%

And I say this as 1) a Firefox fan, hoping that it never gets to be the majority browser for precisely that reason, and

I personally only want FF have enough of the market; just enough to make companies follow the web standards: IE not catering to only one browser. Actually, the same applies to ODF; just enough to make companies not require a specific Office Suite.

"2) a fan of all the OS's. I use Windows for my desktops, Linux for my servers, and Mac sometimes to play."
Use what ever works for you.

Re:It's all Microsoft vulnerabiltiies

[weicco]

Even simplier:

1. Run Windows Update