MPack Trojan Attack Claims 10,000 Web SitesBy Brian Prince | Posted 2007-06-18 Email Print
Security software services report that a massive Web attack, dubbed the "Italian Job," has now compromised as many as 10,000 Web sites.Researchers at Trend Micro are reporting that as many as 10,000 Web sites have been infected with malicious code that redirects unsuspecting users to a server booby-trapped with drive-by exploitspart of a wave of attacks originating in Italy and now spreading through Europe.
Dubbed the "Italian Job" by Trend Micro, the attack was first uncovered June 15. Legitimate sites were hacked to include a malicious iFrames tag redirecting visitors to servers armed with a tool called MPack, an exploit tool that can target security holes in multiple products.
Since June 15, the number of sites affected by the attack has multiplied several times over, said David Perry, global director of education for Trend Micro, based in Cupertino, Calif.
"There are already somewhere between 5,000 and 10,000 Web sites affected by this," Perry said. "There's nothing that all these Web sites have in common. I'm calling it a Web-idemic."
According to Websense, based in San Diego, the regions most affected by the situation have been Italy and Spain.
In a blog posting June 15, Symantec researcher Elia Florio advised Italian users to update their anti-virus products and make sure all the recent patches are installed on their machines.