New International Web Attack Uses Malicious iFrames
The Italian attack in June 2007, where malicious iFrames were embedded in over 10,000 regular Web pages, has reappeared with greater international connection this time.
The June 2007 threat injected malicious HTML codes into Web pages of a number of legitimate Italian Websites that infected surfers accessing those sites. The new attack arises from several freshly registered Websites that purport to belong to Italian organizations while in reality, they are just means for using harmful iFrames to distribute malware.
What's more, the new Websites are not hosted in Italy but in other countries like Germany and have direct links with malware writers in Russia, said Paul Ferguson, network architect at Trend Micro. Information Week published Ferguson's statement on July 27, 2007.
A researcher at Trend Micro discovered an IP address that contained 400 items of malware on separate URLs. While the research hasn't reached the stage for law enforcement to take action, the firm was able to detect the evil iFrame-laden sites before the problem had fully ripened, Ferguson added.
One reason for this is that hackers are changing their preference from e-mail to spread malware to malicious Websites to do the same job. Sometimes, they set up their own evil Websites but most often they hijack legitimate sites and inject malicious code into them.
With an iFrame, it is possible to embed one HTML document within another. In the first attack last month in June 2007, the victims were people surfing the Web. In that month, attackers planted iFrames onto certain Italian Websites like those on tourism or employment services. When visitors on these sites clicked the embedded malevolent iFrames, their PCs got infected.
This technique symbolizes the next step in the evolution of the delivery system of malware. To prevent these upcoming methods, there is no need for security vendors to add signatures to anti-malware solutions or add to the already huge blacklists. As cyber crooks experiment with ever-more new techniques, the solution to fight online attacks is to trace the origin of the criminals' malicious sites, added Ferguson.
Related article: New Zealand Releases Code To Reduce Spam
» SPAMfighter News - 08-08-2007