Russian Web Server With 400 Malware
Security researchers working on a study at Trend Micro, the anti-virus firm, have found a Web server in Russia currently hosting nearly 400 malware, and a number of Italian Websites connected to the malicious server.
The discovery is capable of setting off a massive attack. Chenghuai Lu, Trend Micro's senior threat analyst, has unfolded a website holding hundreds of malicious programs. Lu has determined the IP address of the server hosting the site to Russia, reported ComputerWorldUK on August 3, 2007. Among these malware, there were variants of some Trojan families viz., Polycrypt.g, Clicker.qu, and Dropper.cko. These are designed to capture the Internet Explorer browser on hacked computers and then take surfers to pornographic websites.
These huge malware specimens leads one to believe that something hot is boiling in Russia, stated Carolyn Guevarra, researcher, Trend Micro. Pocket-lint published Guevarra's statement on August 3, 2007. There has been a recent instance of cyber criminals launching the 'Italian Job' assault, Guevarra added.
According to Trend Micro researchers, while the greater number of malware the Russian server hosts seem to be duplicates of each other, there are three groups that lead to adult Websites on a victim's browser. The company has also found some Web pages in Italian language that have malicious code. These too seem to connect to the Russian server.
In July 2007, said Trend Micro, a Web attack infected Websites (numbering in thousands). The sites were mostly Italian. The company was monitoring the recent situation and has turned off the malware-laden websites. It has also taken steps to prevent any new malware from the Russian server.
Related article: Russian Hackers Break into NOAA to Push Pills
» SPAMfighter News - 16-08-2007