In yet another case where we have the bad guys running in circles around the hapless user, it appears that as many as 10,000 Web sites have been hacked and infected with iFrame code that redirects them automatically to a malicious server.
The destination in question has been armed with a multiple product exploit tool that then attempts to serve up a brew of malicious JavaScript. If successful, this JavaScript will try to exploit a buffer overflow vulnerability in unpatched browsers so as to download and run a keylogger variant of a Russian Trojan.
And oh, it is called “Italian Job” by virtue of the fact that the regions most affected by the situation (so far) have been Italy and Spain. You can read more about it from the eWeek article here.
The usual sources are giving the usual tips: Install the latest patches, the latest anti-virus definitions, don’t talk to strangers and blah blah and blah blah. This advice is kind of pointless given that the trojan currently dodges anti-virus detection (see major AV vendors agree that a pure signature-based approach is insufficient) and “unpatched browsers” can just as well mean “no patch available yet” nowadays.
For 100% fool-proof, sure-work advice, try this: switch off your Internet connection. There, I’ve gone ahead and said what you’ve always wanted to tell your CEO. Saved your company a bunch in not having to pay for definition updates as well. Send your flames this way please.
Daily Tech Insider Newsletter
Stay up to date on the latest in technology with Daily Tech Insider. We bring you news on industry-leading companies, products, and people, as well as highlighted articles, downloads, and top resources. You’ll receive primers on hot tech topics that will help you stay ahead of the game.
Delivered Weekdays
