Enterprise Software

The Italian Job: New browser-based attack

SecurityIn yet another case where we have the bad guys running in circles around the hapless user, it appears that as many as 10,000 Web sites have been hacked and infected with iFrame code that redirects them automatically to a malicious server.

The destination in question has been armed with a multiple product exploit tool that then attempts to serve up a brew of malicious JavaScript. If successful, this JavaScript will try to exploit a buffer overflow vulnerability in unpatched browsers so as to download and run a keylogger variant of a Russian Trojan.

And oh, it is called "Italian Job" by virtue of the fact that the regions most affected by the situation (so far) have been Italy and Spain. You can read more about it from the eWeek article here.

The usual sources are giving the usual tips: Install the latest patches, the latest anti-virus definitions, don't talk to strangers and blah blah and blah blah. This advice is kind of pointless given that the trojan currently dodges anti-virus detection (see major AV vendors agree that a pure signature-based approach is insufficient) and "unpatched browsers" can just as well mean "no patch available yet" nowadays.

For 100% fool-proof, sure-work advice, try this: switch off your Internet connection. There, I've gone ahead and said what you've always wanted to tell your CEO. Saved your company a bunch in not having to pay for definition updates as well. Send your flames this way please.

About

Paul Mah is a writer and blogger who lives in Singapore, where he has worked for a number of years in various capacities within the IT industry. Paul enjoys tinkering with tech gadgets, smartphones, and networking devices.

Editor's Picks