Italian Websites Suffer ‘Italian Job’ Web Attack

During the weekend of June 16, 2007, Italy suffered several online attacks by a notorious virus. The virus victimized several English-language Italian websites by installing a keylogger program to capture user passwords. In some cases the code also turned target PCs into proxy servers to launch other kinds of attacks.

Hackers exploited the trust users endowed on the legitimate sites by using the JavaScript-encoded malware to redirect their browsers to servers hosting different kinds of drive-by exploits. Since the logged on systems were unpatched for several operating systems, browsers, or specific vulnerabilities, the malware successfully downloaded on these systems.

Trend Micro an ant virus company, announced this fast-spreading infection and named it "Italian Job" as Italy was the host country for most of the infected web pages. The company noted that a large number of Internet users across the world had accessed the compromised URLs unwarily during their routine web visits.

According to David Perry, global director of education at Trend Micro, hackers developed the code by using a commercially sold kit in Russia, as per news published byTechshout.com on June 19, 2007.

The HTML malware initially exploits the flaws in "iFrames" that websites commonly use and are often exploited. According to researchers at Trend Micro, the attack was perhaps programmed in the beginning and then developed with the help of a kit used for making computer Trojans.

The malware building toolkit page display information about how visitors to the Italian websites are redirected to the host page on the Internet Protocol page where the targeted browser is redirected.

The spreading mechanism of the virus is quite complex. It targets unaware website owners who do not know that their sites are compromised and visitors to those sites who are unwary of the infectious web pages that would corrupt their PCs.

The weekend's attack is the second such case of attack that has misused several Italian websites to infect PCs with malicious JavaScript. The point of concern is that hackers are targeting lawful websites as 70% of these websites were found hosting this malware.

Related article: Italian Spammers Misuse Lawyers’ Names

» SPAMfighter News - 7/2/2007

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page
Next