Slashdot Mirror

← Back to Stories (view on slashdot.org)

Malware Pulls an "Italian Job"

Posted by kdawson on from the blame-italy dept.

A number of readers sent us word about a malware attack that has been underway since Saturday that began with the compromise of more than 1,100 mostly Italian Web sites. Websense claims that more than 10,000 sites have been infected by now, 80% of them in Italy. There are indications that most of the Italian sites are resident at the same large Italian hosting provider. Trend Micro reports on the attack, which is launched from a malicious Iframe tag inserted into pages on compromised sites. For visitors to these sites, this begins a cascade of "drive-by" malware downloads if one of several targeted vulnerabilities is available and unpatched. The first page to which visitors are redirected by the Iframe hosts a recent version of Mpack attack software. Panda has a month-old report on Mpack (PDF) that provides copious detail about its nefarious ways.

3 of 133 comments (clear)

  1. I wish they'd count "servers" and not "sites" by Anonymous Coward · · Score: 5, Interesting

    This malware probably just affected a single DreamHost shared server, thus bringing down 10,000+ sites at once.

    But this method of artificial number inflating is to be expected from an industry trying to promote their anti-malware, anti-virus, anti-spyware, anti-trojan, anti-anti-virus, anti-rootkit products. Anyone actually requiring these craplets to be installed on their dedicated servers have a much larger problem between the keyboard and the monitor to worry about.

    1. Re:I wish they'd count "servers" and not "sites" by justinlee37 · · Score: 3, Interesting

      between the keyboard and the monitor to worry about.

      Did you mean between the keyboard and the chair? Because all I see between my keyboard and my monitor is a desk with a dirty shot glass, a lighter, a knife, a case screw, two dimes, two empty cups of hot sauce, an open bottle of safeway-brand "personal lubricating liquid", and a bag of grass ...

      So you may be able to understand how I'm totally lost here.

  2. Re: Viruses/Viri/Virii by mrbluze · · Score: 2, Interesting

    Yes, viri/virii is incorrect (for now), but when the vast majority of us don't RTFA (or can't, due to the /. effect), you can hardly expect people to figure it out all on their own ;)

    If we speak of groups of virus types (that is, a species), there are different forms used depending on whether we're speaking of a family, genus, etc. (if you read the full wikipaedia article, and if you studied it in uni):

    • Order: virales
    • Family: viridae
    • Subfamily: virinae
    • Genus & Species: virus

    Now the individual virus is a virion, which probably has its own possible plurals, to make matters worse.

    But viruses is the correct plural for English speakers, by convention, but I remember the virulogist (or virologist) speaking of viruses as viridae, since we usually distinguish them by their family, eg: herpes, pox, and so on.

    --
    Do it yourself, because no one else will do it yourself. [beta blockade 10-17 Feb]