Link: Security researchers uncover massive attack on Italian web sites .
Security researchers uncover massive attack on Italian web sites
Published: June 18, 2007 - 02:58PM CT
Security researchers at Symantec have verified that a large-scale web attack targeting Italian web sites and their users is underway.
The attackers exploited vulnerabilities at the ISP and web hosting provider level to add snippets of IFRAME code to hundreds of popular Italian web sites, including those of IT companies, car rental firms, tax services, city councils, and hotel and travel destinations. The compromised web sites attempt to use exploits in unpatched versions of Internet Explorer, QuickTime, Windows 2000, Firefox, WinZip, and Opera, in order to install malware packages on end users' computers.
The attackers used a "commercial" malware kit called MPack, which is sold by a Russian gang. Currently at version 0.86, MPack provides would-be malware installers with a complete package that can be installed on any web server that runs PHP with an SQL database. The owners of MPack have been selling it to other criminal organizations for between $700 and $1,000 a pop, with additional exploit modules available for between $50 and $150. For an additional $30, the MPack owners will include a feature that helps prevent the malware from being detected by antivirus programs....
